Io e un mio amico abbiamo trovato la suddetta vulnerabilità sul suo router, purtroppo non abbiamo trovato exploit, sappiamo "solo" la sua descrizione:
The remote Samba server, according to its version number, is vulnerable to a remote buffer overrun resulting from an integer overflow vulnerability.
To exploit this flaw, an attacker would need to send to the remote host a malformed packet containing hundreds of thousands of ACLs, which would in turn cause an integer overflow resulting in a small pointer being allocated.
An attacker needs a valid account or enough credentials to exploit this flaw.
Purtroppo noi di overflow, fuzzing e compagnia ne sappiamo poco, qualcuno saprebbe spiegarci come sfruttarla?
The remote Samba server, according to its version number, is vulnerable to a remote buffer overrun resulting from an integer overflow vulnerability.
To exploit this flaw, an attacker would need to send to the remote host a malformed packet containing hundreds of thousands of ACLs, which would in turn cause an integer overflow resulting in a small pointer being allocated.
An attacker needs a valid account or enough credentials to exploit this flaw.
Purtroppo noi di overflow, fuzzing e compagnia ne sappiamo poco, qualcuno saprebbe spiegarci come sfruttarla?