Amlib NetOpacs Stack-Based Buffer Overflow Vulnerability in webquery.dll

A stack-based buffer overflow vulnerability has been identified in Amlib's NetOpacs webquery.dll. This issue arises from inadequate input validation of HTTP GET parameters, particularly the 'app' parameter. The vulnerability allows attackers to send overly long strings that overwrite memory structures, including the Structured Exception Handler (SEH), potentially leading to arbitrary code execution. Additionally, malformed parameter names followed by an equals sign can disrupt normal control flow. This vulnerability is accessible through Internet Information Services (IIS) and impacts older Windows versions.

Impact

Exploitation of this vulnerability allows for arbitrary code execution on the affected system.

Reproduction

The vulnerability can be reproduced by sending a crafted HTTP GET request to the server hosting Amlibweb NetOpacs. The request must include an excessively long string in the 'app' parameter, which will overwrite the SEH and allow for code execution. This can be done using a tool like Metasploit, which has a module specifically for this vulnerability.