10-Strike Network Scanner Buffer Overflow Vulnerability Allowing Code Execution

A local buffer overflow vulnerability has been identified in 10-Strike Network Scanner version 3.0. This vulnerability resides in the host name field and allows attackers to bypass SafeSEH protections, leading to arbitrary code execution. Exploitation involves crafting a malicious payload in the host name or address field, which can then be triggered using the Trace route or System information functions.

Impact

Exploitation of this vulnerability allows for arbitrary code execution on the affected system.

Reproduction

To reproduce this vulnerability, create a payload that exploits the buffer overflow and bypasses SafeSEH. This can be done using a tool like msfvenom to generate a Windows shellcode payload. Once the payload is created, it can be delivered through the host name or address field. After adding the host, right-click and select 'Trace route' or 'System information', which will trigger the vulnerability and execute the payload.