LizardSystems LanSend Buffer Overflow Vulnerability Allowing Arbitrary Code Execution
Vulnerability
A buffer overflow vulnerability has been identified in LizardSystems LanSend version 3.2. The flaw is in the file import feature of the Add Computers Wizard and allows remote attackers to execute arbitrary code. A crafted payload file overwrites the structured exception handler (SEH), and the shellcode runs when computer data is imported from that file.
Impact
Exploitation of this vulnerability allows for arbitrary code execution on the affected system.
Reproduction
To reproduce this vulnerability, first create a payload file containing shellcode designed to be executed when the vulnerability is triggered. This can be done using a tool like msfvenom, specifying the desired payload and encoding options to create a file that will execute a reverse shell, for example. Once the payload file is ready, open LanSend and navigate to the Add Computers Wizard. Select the option to import computers from a file, and then upload the crafted payload file. The shellcode will be executed upon importing the file, demonstrating the successful exploitation of the buffer overflow vulnerability.
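A defensive pre-import check, added here as an example (not code from LanSend or from this advisory): it screens a computer-list file before it is opened in the Add Computers Wizard and reports entries that are not plausible host names or IP addresses. The one-entry-per-line text format, the file size ceiling and the function names are assumptions, since the page does not describe the import file format.

```python
import ipaddress
import re

# Assumption: the import file is plain text, one computer name or IP per line.
MAX_HOSTNAME = 253          # DNS limit on the length of a full host name
MAX_FILE_BYTES = 1_000_000  # constructed ceiling for a computer list
LABEL = re.compile(r"^(?!-)[A-Za-z0-9_-]{1,63}(?<!-)$")


def is_valid_entry(entry: str) -> bool:
    """True if entry is an IP address or a syntactically valid host name."""
    try:
        ipaddress.ip_address(entry)
        return True
    except ValueError:
        pass
    if len(entry) > MAX_HOSTNAME:
        return False
    return all(LABEL.match(label) for label in entry.rstrip(".").split("."))


def screen_import_file(data: bytes) -> list[str]:
    """Return findings; an empty list means the file looks like a plain list."""
    findings = []
    if len(data) > MAX_FILE_BYTES:
        findings.append(f"file is {len(data)} bytes, larger than expected")
    for lineno, raw in enumerate(data.splitlines(), start=1):
        line = raw.strip()
        if not line:
            continue
        # Binary content has no place in a list of computer names.
        if any(b < 0x20 or b > 0x7E for b in line):
            findings.append(f"line {lineno}: non-printable bytes ({len(line)} bytes long)")
            continue
        if not is_valid_entry(line.decode("ascii")):
            findings.append(f"line {lineno}: not a host name or IP ({len(line)} bytes long)")
    return findings


# Constructed samples: a normal list, and one with an oversized and a binary entry.
GOOD = b"ws-01.corp.example\r\n192.168.1.20\r\nFILESRV\r\n"
BAD = b"ws-01.corp.example\n" + b"A" * 4000 + b"\n" + b"\x01\x02host\n"

if __name__ == "__main__":
    for name, sample in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, screen_import_file(sample) or "no findings")
```

A file that produces any finding should not be imported into an unpatched installation.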
