Infiltrator Network Security Scanner Buffer Overflow Vulnerability Leading to Denial-of-Service
Vulnerability
A buffer overflow vulnerability has been identified in Infiltrator Network Security Scanner version 4.6. This vulnerability allows local attackers to cause a denial-of-service condition by sending an oversized input string. Specifically, attackers can paste a 6000-byte payload into the Scan Target field, which crashes the application when the Scan button is clicked.
Impact
Exploitation of this vulnerability leads to a crash of the Infiltrator Network Security Scanner application, causing a denial-of-service condition.
Reproduction
To reproduce this vulnerability, first create a payload of 6000 bytes consisting of repeated characters. Save this payload to a file named 'exploit.txt'. Then, open Infiltrator Network Security Scanner version 4.6 on a Windows 7 32-bit system. Once the application is running, paste the contents of 'exploit.txt' into the Scan Target field. Click the Scan button and wait for the application to crash.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.