Disk Sorter Server version 9.5.12 suffers from a buffer overflow vulnerability.
a21451e3372442b97f574944538496bf
[+] Title: Disk Sorter Server v9.5.12 - Local Stack-based buffer overflow
[+] Credits / Discovery: Nassim Asrir
[+] Author Email: [email protected] || https://www.linkedin.com/in/nassim-asrir-b73a57122/
[+] Author Company: Henceforth
[+] CVE: N/A
Vendor:
===============
http://www.disksorter.com/
Download:
===========
http://www.disksorter.com/setups/disksortersrv_setup_v9.5.12.exe
Vulnerability Type:
===================
local stack-based buffer overflow
POC:
===================
Launch the program click on :
1 - Server
2 - Connect
3 - and in the Share Name field inject (5000 "A") then the program crashed see the picture.
CVE Reference:
===============
N/A
Tested on:
===============
Windows 7
Win xp