Skip to content
/ CVE-2018-8065 Public

Flexense HTTP Server <= 10.6.24 - Denial Of Service Exploit

License

MIT license
5 stars 7 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

EgeBalci/CVE-2018-8065

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
dos.py
dos.py
 
 
flexense_http_server_dos.md
flexense_http_server_dos.md
 
 
flexense_http_server_dos.rb
flexense_http_server_dos.rb
 
 

Repository files navigation

Flexense HTTP Server <= 10.6.24 - Denial Of Service Vulnerability

    # Exploit Title: Flexense HTTP Server <= 10.6.24 - Denial Of Service Vulnerability
    # Date: 03-09-2018
    # Exploit Author: Ege Balcı
    # Vendor Homepage: http://www.syncbreeze.com
    # Software Link: https://github.com/EgeBalci/Sync_Breeze_Enterprise_10_6_24_-DOS/raw/master/syncbreezeent_setup_v10.6.24.exe
    # Version: 10.6.24
    # Tested on: Windows 7/10
    # CVE: 2018-8065

This module triggers a Denial of Service vulnerability in the Sync Flexense HTTP Server . After installing the software, web server should be enabled via Options->Server->Enable web server on port. Module triggers a user space write access violation on syncbrs.exe memory region. Number of requests that will crash the server changes between 200-1000 depending on the OS version and system memory. Sync Breeze Enterprise 10.6.24 version reportedly vulnerable.

Exploits

MSF Module
PYTHON

About

Flexense HTTP Server <= 10.6.24 - Denial Of Service Exploit

Resources

Readme

License

MIT license
Activity

Stars

5 stars

Watchers

4 watching

Forks

7 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages