Disk Sorter Enterprise 9.5.12 - Local Buffer Overflow

Author: Nassim Asrir
type: dos
platform: windows
port: nan
date_added: 2017-03-27 
date_updated: 2017-03-27 
verified: 1 
codes:  
tags: 
aliases:  
screenshot_url: http://www.exploit-db.com/screenshots/idlt42000/screen-shot-2017-03-27-at-181654.png 
application_url: http://www.exploit-db.comdisksorterent_setup_v9.5.12.exe

[+] Title: Disk Sorter Server v9.5.12 - Local Stack-based buffer overflow
[+] Credits / Discovery: Nassim Asrir
[+] Author Email: wassline@gmail.com || https://www.linkedin.com/in/nassim-asrir-b73a57122/
[+] Author Company: Henceforth
[+] CVE: N/A

Vendor:
===============

http://www.disksorter.com/


Download:
===========

http://www.disksorter.com/setups/disksortersrv_setup_v9.5.12.exe


Vulnerability Type:
===================

local stack-based buffer overflow


POC:
===================

Launch the program click on :

1 - Server

2 - Connect

3 - and in the Share Name field inject (5000 "A") then the program crashed see the picture.

CVE Reference:
===============

N/A


Tested on:
===============

Windows 7

Win xp