WARNING: Stack unwind information not available. and earlier allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted command. Defaulted to export symbols for C:\Program Files (x86)\Autodesk\Backburner\libDLnrapi30.dll - CVE Vendors Products Updated CVSS v2 CVSS v3 CVE-2016-2344: 1 Autodesk: 1 Autodesk Backburner: : 7.8 HIGH: 7.5 HIGH: Stack-based buffer overflow in manager.exe in Backburner Manager in Autodesk Backburner 2016 2016. *** ERROR: Symbol file could not be found. (1500.1034): Access violation - code c0000005 (first chance)įirst chance exceptions are reported before any exception handling. text:1005225B jnz short python BackBurner-NullDereference.py -host 172.16.36.133 text:1005224A cmp word ptr, 78h Crash Point - null dereference
It does nothing when no argument is passed with the command.
text:10052243 call This is the buggy function.
text:10052144 jmp ds ff_10054648 switch jumpįollowing command, without any argument leads to crash Autodesks software is the industry standard in Media & Entertainment, Architecture, Manufacturing, and Automotive for creating visual effects. Results into Null Dereferece leading to Denial of Service.Īvailable Remote telnet 172.16.36.133 3234įollowing is switch-case portion when program determines which command is executed: The application does not take care of number of arguments passed to a specific remote command and The vulnerability exists in libDLnrapi30.dll which is a Dynamic Link Library loaded by Backburner Manager process manager.exe For a particular command it fails to handle the request when insufficient number of arguments are passed and results into Null Dereference crash leading to Denial of Service.Īutodesk BackBurner Denial of Service (Null Dereference)
Autodesk BackBurner listens on TCP port 3234 and accepts a set of telnet commands from remote machines.