lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <Sea2-DAV64MgPWk8Ris00009954@hotmail.com>
From: this_is_kris at hotmail.com (Kristian Hermansen)
Subject: Blaze Audio VoiceSFX "Abnormal Process Termination" vulnerability

________________________________________________________________________

                Blaze Audio VoiceSFX Advisory
________________________________________________________________________

Date:                   July 15th, 2003

Affected versions: 1.3.0.6 (trial), possibly older/newer versions as well
________________________________________________________________________

Problem Description:

 According to the trial license you are not allowed to save your wav files unless you purchase the full version of the software.  There is an inherent "Process Termination Vulnerability" within the software that allows the user to capture a live wave file to disk, thus circumventing the trial limitation.

To exploit this vulnerability just start recording your wave file with an effect on it in real-time.  Then, instead of stopping the recording just terminate the program by clicking the "X" at the top right hand corner of the window and BAM!!!  The UNTITLED.WAV file is still stored in the program's install directory for your consumption.  Do this everytime you would like to save your work.  Have fun with this exploit...

Remember never to purchase software because bits arranged in a certain order are absolutely meaningless.  With enough computing power one could brute force the bits of this 2 MB program in just under a few days, thus eliminating the need to purchase the full version.
________________________________________________________________________

References:
  
  http://www.blazeaudio.com



Kris Hermansen
"Software analysis for the illegally blind"
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030715/237148ce/attachment.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ