WinHKI Multiple Remote Vulnerabilities
BID:12176
Info
WinHKI Multiple Remote Vulnerabilities
| Bugtraq ID: | 12176 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 06 2005 12:00AM |
| Updated: | Jan 06 2005 12:00AM |
| Credit: | Discovery is credited to Rafel Ivgi, The-Insider <[email protected]>. |
| Vulnerable: |
WinHKI WinHKI 1.4 d |
| Not Vulnerable: | |
Discussion
WinHKI Multiple Remote Vulnerabilities
WinHKI is reportedly prone to multiple remote vulnerabilities. These issues may allow an attacker to carry out denial of service and directory traversal attacks to place files in arbitrary locations on a vulnerable computer.
The following specific issues were identified:
The first two issues may allow remote attackers to carry out denial of service attacks. An attacker can craft a malicious BH or LHA file and send it to a user to be processed through WinHKI. If successful, this may result in a crash or a hang.
An attacker can also carry out directory traversal type attacks to place malicious files in arbitrary locations. These issues present themselves when the application processes malformed BH, CAB, and ZIP compressed files. This can allow the attacker to place potentially malicious files and corrupt data on a computer, which can aid in various attacks.
WinHKI 1.4d is reported prone to these vulnerabilities. It is possible that other versions are affected as well.
WinHKI is reportedly prone to multiple remote vulnerabilities. These issues may allow an attacker to carry out denial of service and directory traversal attacks to place files in arbitrary locations on a vulnerable computer.
The following specific issues were identified:
The first two issues may allow remote attackers to carry out denial of service attacks. An attacker can craft a malicious BH or LHA file and send it to a user to be processed through WinHKI. If successful, this may result in a crash or a hang.
An attacker can also carry out directory traversal type attacks to place malicious files in arbitrary locations. These issues present themselves when the application processes malformed BH, CAB, and ZIP compressed files. This can allow the attacker to place potentially malicious files and corrupt data on a computer, which can aid in various attacks.
WinHKI 1.4d is reported prone to these vulnerabilities. It is possible that other versions are affected as well.
Exploit / POC
WinHKI Multiple Remote Vulnerabilities
An exploit is not required.
Proof of concept examples may be obtained from the following locations:
BH file:
http://theinsider.deep-ice.com/poc.bh
LHA file:
http://theinsider.deep-ice.com/poc.lha
ZIP file:
http://theinsider.web1000.com/WINACE-WINHKI ZIP TRANSVERSAL.zip
CAB file:
http://theinsider.web1000.com/hki transversal.cab
An exploit is not required.
Proof of concept examples may be obtained from the following locations:
BH file:
http://theinsider.deep-ice.com/poc.bh
LHA file:
http://theinsider.deep-ice.com/poc.lha
ZIP file:
http://theinsider.web1000.com/WINACE-WINHKI ZIP TRANSVERSAL.zip
CAB file:
http://theinsider.web1000.com/hki transversal.cab
Solution / Fix
WinHKI Multiple Remote Vulnerabilities
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.