NetPCLinker Buffer Overflow Vulnerability Allowing Arbitrary Code Execution
Vulnerability
A buffer overflow vulnerability has been identified in NetPCLinker version 1.0.0.0. The issue resides in the Clients Control Panel DNS/IP field, where improper input handling allows attackers to execute arbitrary shellcode. By crafting a malicious payload and overwriting Structured Exception Handling (SEH) handlers, attackers can execute their code when adding a new client.
Impact
Exploitation of this vulnerability allows for arbitrary code execution on the affected system.
Reproduction
To reproduce this vulnerability, install NetPCLinker 1.0.0.0 on a Windows Vista SP1 system. Run the application and navigate to the 'Clients Control Panel' tab. Click the 'Add' button, which will open a dialog. The vulnerability can be exploited by using an egghunter payload that is saved to a text file named 'payload.txt'. This file's contents should be copied into the 'DNS/IP' field of the add client dialog. Once the payload is in place, press 'OK' to execute the shellcode.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.