-------------------------------------------------------------------
EXPL-A-2003-010 exploitlabs.com Advisory 010
-------------------------------------------------------------------
                        -= PerlEdit =-

exploitlabs.com
June 21, 2003

Vulnerability:
--------------
Remote Crash

Product:
--------
PerlEdit
http://www.indigostar.com/perledit.html

Description of product:
-----------------------
"PerlEdit is an IDE for Perl and a general-purpose text editor.
It includes a source code text editor with syntax highlighting
and a visual debugger."

screenshot:
http://www.indigostar.com/perledit_screenshots.html

VULNERABILITY / EXPLOIT
=======================
Upon execution, PerlEdit ( pe.exe ) binds to local TCP port 1956.
Connecting via Telnet, locally or remotely, causes the program to
crash, resulting in a total loss of unsaved data.

This test was run on XP running PerlEdit 1.06 and 1.07, connecting
via XPpro and Win2kpro telnet.exe, pressing enter, then exiting
via the close dialog box.

------------- 'sploit -------------------------

telnet host-running-perledit 1956
READY
( exit telnet )

remote perledit crashes.

Further investigation may lead to more serious issues; I did not
pursue as this was bad enough.

Local:
------
yes

Remote:
-------
yes

Vendor Fix:
-----------
No fix on 0day

Vendor Contact:
---------------
support@indigostar.com - Concurrent with this advisory

Credits:
--------
Donnie Werner
http://exploitlabs.com