lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <Law11-OE19TRqf69aZb0004dc73@hotmail.com>
From: se_cur_ity at hotmail.com (morning_wood)
Subject: Indigostar - Perledit

------------------------------------------------------------------
          - EXPL-A-2003-010 exploitlabs.com Advisory 010
------------------------------------------------------------------
                         -= PerlEdit =-


exploitlabs.com
June 21, 2003


Vunerability:
-------------
Remote Overflow

Product:
--------
PerlEdit
http://www.indigostar.com/perledit.html


Description of product:
-----------------------
"PerlEdit is an IDE for Perl and a general-purpose text editor.
It includes a source code text editor with syntax highlighting
and a visual debugger."

screenshot: http://www.indigostar.com/perledit_screenshots.html  



VUNERABILITY / EXPLOIT
======================

 Upon execution perledit ( pe.exe ) binds to local TCP port 1956.
Connecting via Telnet localy or remotely causes the program
to crash, resulting in a total loss of any unsaved data.

This test was run on XP running perledit 1.06 and 1.07 connecting
via XPpro / Win2kpro telnet.exe, pressing enter, then exiting via
the close dialog box.

------------- 'sploit -------------------------

telnet host-running-perledit 1956

READY

( exit telnet ) remote perledit crashes.


 Further investigation may lead to more serious issues, I did not
persue as this was bad enough.


Local:
------
yes

Remote:
-------
yes

Vendor Fix:
-----------
No fix on 0day


Vendor Contact:
---------------
support@...igostar.com - Concurrent with this advisory


Credits:
--------
Donnie Werner
http://exploitlabs.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ