CVE-2007-4375

Diskeeper - Information Disclosure and Denial of Service via RPC Memory Comparison Function

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-4375. PoCs published by Pravus.

AI-analyzed exploit summary This exploit leverages a memory comparison function in Diskeeper's administrative interface to remotely read memory, potentially bypassing ASLR by extracting module information from shared user memory.

Description

The administrative interface (aka DkService.exe) in Diskeeper 9 Professional, 2007 Pro Premier, and probably other versions exposes a memory comparison function via RPC over TCP, which allows remote attackers to (1) obtain sensitive information (process memory contents), as demonstrated by an attack that obtains module base addresses to defeat Address Space Layout Randomization (ASLR); or (2) cause a denial of service (application crash) via an out-of-bounds address.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Pravus · c++remotewindows

https://www.exploit-db.com/exploits/4292

View Code ZIP pw:eip

This exploit leverages a memory comparison function in Diskeeper's administrative interface to remotely read memory, potentially bypassing ASLR by extracting module information from shared user memory.

Classification

Working Poc 95%

Attack Type

Info Leak

Complexity

Moderate

Reliability

Reliable

Target: Diskeeper 9 Professional, Diskeeper 2007 Pro Premier

No auth needed

Prerequisites: Network access to TCP port 31038 · Diskeeper administrative interface enabled

MITRE ATT&CK