  #1

    Not really exploitable?

    Hey fellas,

    Can you please explain something to me?

    There is this vulnerability:

    It explicitly says that it allows for remote code execution. However, when I search exploit-db for that CVE, I get an exploit which does a DoS on my lab and crashes the system, and it's also categorized as DoS in Metasploit. So how is this arbitrary code? All over the net, notes on this vulnerability specifically say that an attacker who exploits it can create users, get information, etc.

    Am I missing something?

  #2
    41.w4r10r
    This was one of the vulnerabilities that got the attention of a large number of security researchers. As far as I know, the possibility of remote code execution has only been proved theoretically, and there is no code execution exploit available publicly; only a DoS PoC is available. So you are not doing anything wrong, and the exploit you are using is working as intended and crashing your target.

  #3
    It is believed that this vulnerability was marked as Critical due to the potential exploitability, rather than based on any actual proof that it is.

    Microsoft does this in many instances; if enough indicators show that this vulnerability is exploitable, they will mark it as such even if there is no exploit code.

    A similar case happened with the IIS FTP vulnerability - which started as Windows 7 IIS7.5 FTPSVC UNAUTH'D Remote DoS PoC (i.e. just a DoS) - but it was later proven that under certain circumstances - somewhat complicated ones - it could become a code execution vulnerability - see the reference to this here - Pwnie Awards 2011.

