Sysax Multi Server 6.10 SSH DoS

6 minute read Apr 8, 2013 Comments
I was recently fuzzing a bunch of SSH servers, hoping to find some remote code execution in a non-mainstream server. I ended up finding no code execution in the several that I tried, but I did find one pre-auth denial of service in Syax Multi Server 6.10. Try this at home! The vulnerable version can be downloaded here for anyone that would like to duplicate the DoS conditions. Understanding the Key Exchange I found that during the key exchange, where the SSH client and SSH server negotiate which ciphers to use, if you messed up just a single specific byte, the server would crash.
Read more ssh DoS windows sysax exploit metasploit

Sysax 5.64 HTTP Remote Buffer Overflow

2 minute read Jul 28, 2012 Comments
I have discovered a bug in the Sysax Multi-Server application. More specifically, it’s in the HTTP File Server service, which is not enabled by default. It has to be turned on by the admin for this exploit to properly function. The user in question also needs permission to create a directory. In the Sysax service, the configuration would look like this: To trigger this vulnerability is pretty simple. Log into the HTTP File Server:
Read more rop windows sysax exploit hacking metasploit