Angry IP Scanner Denial-of-Service Vulnerability
Vulnerability
A denial-of-service vulnerability has been identified in Angry IP Scanner for Linux, specifically in version 3.5.3. It allows local attackers to crash the application by entering malformed input into the port selection field: a crafted string that includes buffer overflow patterns, pasted into the 'Port selection' field on the Preferences 'Ports' tab, triggers an application crash.
Impact
Exploitation of this vulnerability leads to a crash of the Angry IP Scanner application, causing a denial-of-service condition where the application becomes unresponsive or unavailable.
Reproduction
To reproduce this vulnerability, first create a text file containing a buffer overflow payload. This can be done using a simple Python script that writes a crafted string into a file. After preparing the payload, open Angry IP Scanner and navigate to the 'Preferences' menu. In the 'Ports' tab, paste the crafted string into the 'Port selection' field and confirm the selection. The application will crash, demonstrating the denial-of-service vulnerability.
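One mitigation for this class of crash is to bound and strictly parse the field before any other code touches it. The following is an added example, not code from Angry IP Scanner or from this advisory; the field syntax (comma-separated ports and low-high ranges), the limits and all names are assumptions.

```python
import re

# Assumed syntax and limits (not taken from Angry IP Scanner's source):
# comma-separated ports or low-high ranges, e.g. "22,80,8000-8100".
MAX_FIELD_LEN = 1024   # hard cap on the pasted string
MAX_ITEMS = 256        # cap on comma-separated entries
ITEM_RE = re.compile(r"([0-9]{1,5})(?:-([0-9]{1,5}))?")


class PortSpecError(ValueError):
    """Raised for any input the field should reject instead of processing."""


def parse_port_selection(text):
    """Return a sorted list of (low, high) port ranges or raise PortSpecError."""
    # Length is checked before any splitting or regex work, so an oversized
    # paste is rejected without being processed at all.
    if len(text) > MAX_FIELD_LEN:
        raise PortSpecError("input longer than %d characters" % MAX_FIELD_LEN)
    items = [part.strip() for part in text.split(",")]
    if len(items) > MAX_ITEMS:
        raise PortSpecError("more than %d entries" % MAX_ITEMS)
    ranges = []
    for item in items:
        match = ITEM_RE.fullmatch(item)
        if match is None:
            raise PortSpecError("not a port or range: %r" % item[:20])
        low = int(match.group(1))
        high = int(match.group(2) or match.group(1))
        if not (1 <= low <= high <= 65535):
            raise PortSpecError("port out of range: %r" % item)
        ranges.append((low, high))
    return sorted(set(ranges))


def validate_field(text):
    """GUI-facing wrapper: never raises, returns (ok, ranges_or_message)."""
    try:
        return True, parse_port_selection(text)
    except PortSpecError as exc:
        return False, str(exc)


if __name__ == "__main__":
    # Constructed sample inputs: one valid, three that must be rejected.
    for sample in ("22, 80,8000-8100", "80-22", "70000", "9" * 5000):
        ok, result = validate_field(sample)
        print(repr(sample[:24]), "->", "accepted" if ok else "rejected", result)
```

The wrapper returns an error message to show beside the field, so a rejected paste leaves the preferences dialog open and the application running.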
