![]() # - Added support for Zerosum0x0 shellcode Failed exploit attempts could result in a # Impact: An attacker could exploit this vulnerability to execute arbitrary code in the # result = (unsigned int)&v5 & 0xFFFFFFFC ![]() # int v4 // _BYTE *v5 // unsigned int result // v4 = a1 + 8 # unsigned int _fastcall SrvOs2FeaToNt(int a1, int a2) The vulnerability trigger point is as follows: # and when the logic is not correct it leads to a cross-border copy. # boundary-checks on user-supplied input. # vulnerability because the application fails to perform adequate # Description: SMBv1 SrvOs2FeaToNt OOB is prone to a remote code execution ![]() # Tested on: Microsoft Windows Server 2008 圆4 SP1 R2 Standard # Found this and more exploits on my open source security project: # Date and time of release: May, 9 2017 - 13:00PM # Exploit Author: Juan Sacco at KPN Red Team. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |