Skip to content

EgeBalci/Sync_Breeze_Enterprise_10_6_24_-DOS

master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 
 
 

Sync_Breeze_Enterprise_10_6_24_-DOS

    # Exploit Title: Sync Breeze Enterprise 10.6.24 - Denial Of Service Vulnerability
    # Date: 03-09-2018
    # Exploit Author: Ege Balcı
    # Vendor Homepage: http://www.syncbreeze.com
    # Software Link: http://www.syncbreeze.com/setups/syncbreezeent_setup_v10.6.24.exe
    # Version: 10.6.24
    # Tested on: Windows 7/10
    # CVE: 2018-8065

This module triggers a Denial of Service vulnerability in the Sync Breeze Enterprise HTTP server. After installing the software, web server should be enabled via Options->Server->Enable web server on port. Module triggers a user space write access violation on syncbrs.exe memory region. Number of requests that will crash the server changes between 200-1000 depending on the OS version and system memory. Sync Breeze Enterprise 10.6.24 version reportedly vulnerable.

Exploits

MSF Module
PYTHON

About

Sync Breeze Enterprise 10.6.24 - Denial Of Service Vulnerability

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published