EKG Gadu Local Buffer Overflow Vulnerability Allowing Arbitrary Code Execution

Vulnerability

A local buffer overflow vulnerability has been identified in EKG Gadu version 1.9~pre+r2855-3+b1. The flaw is in username handling: a local attacker who supplies an oversized username string can execute arbitrary code. The overflow is triggered in the strlcpy function when it is passed a crafted buffer that exceeds 258 bytes, which lets the attacker overwrite the instruction pointer and execute shellcode with user privileges.

Impact

Exploitation of this vulnerability leads to a local buffer overflow, allowing for arbitrary code execution with user privileges.

Reproduction

The vulnerability can be reproduced by sending a username string longer than 258 bytes to the application. This can be done using a Python script that generates a buffer of the required size, which is then passed to EKG Gadu. The overflow can be verified by using a debugger to check the stack and confirm that the instruction pointer has been overwritten.
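
A defensive sketch of the copy pattern that prevents this class of overflow, added here as an example and not taken from EKG's source, which this page does not show. The buffer size `USERNAME_MAX` and the functions `bounded_copy`, `set_username` and `try_length` are hypothetical; the point is that the size given to an strlcpy-style copy must be the destination's size, and that an over-long username is rejected instead of being copied.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical size for this example; the page does not give EKG's buffer size. */
#define USERNAME_MAX 64

/* Portable stand-in for strlcpy(): copies at most dstsize-1 bytes, terminates
 * the result, and returns strlen(src) so the caller can detect truncation. */
static size_t bounded_copy(char *dst, const char *src, size_t dstsize)
{
    size_t srclen = strlen(src);
    if (dstsize > 0) {
        size_t n = srclen < dstsize - 1 ? srclen : dstsize - 1;
        memcpy(dst, src, n);
        dst[n] = '\0';
    }
    return srclen;
}

/* Returns 0 on success, -1 if the username is missing, empty or does not fit.
 * dstsize is always the destination's size, never derived from the input. */
int set_username(char *dst, size_t dstsize, const char *input)
{
    if (dst == NULL || dstsize == 0 || input == NULL || input[0] == '\0')
        return -1;
    if (bounded_copy(dst, input, dstsize) >= dstsize) {
        dst[0] = '\0';              /* reject rather than silently truncate */
        return -1;
    }
    return 0;
}

/* Feeds a constructed username of `len` filler bytes through set_username(). */
int try_length(size_t len)
{
    char input[512];
    char username[USERNAME_MAX];
    if (len >= sizeof input) return -1;
    memset(input, 'A', len);
    input[len] = '\0';
    return set_username(username, sizeof username, input);
}

int main(void)
{
    printf("63 bytes -> %d, 64 bytes -> %d, 300 bytes -> %d\n",
           try_length(63), try_length(64), try_length(300));
    return 0;
}
```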

Added: Mar 28, 2026, 12:18 PM
Updated: Mar 28, 2026, 12:18 PM

Vulnerability Rating

Custom Algorithm

spread: 0.3
impact: 1.9
exploitability: 4.2
remediation: 0.0
relevance: 4.8
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.