Achat Buffer Overflow Vulnerability Allowing Remote Code Execution
Vulnerability
A stack-based buffer overflow vulnerability has been identified in Achat version 0.150. The issue arises from insufficient validation of user-supplied input: an attacker can send specially crafted messages to UDP port 9256. Exploitation can overwrite the structured exception handler (SEH), leading to remote code execution. The vulnerability is present in the default configuration of the application.
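The bug class described above, as an added example that is not Achat's code: a hypothetical UDP message handler that copies a datagram into a fixed stack buffer, first without and then with a length check. The function names, `MSG_BUF_SIZE` and the status codes are assumptions, since the page does not describe Achat's internals.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define MSG_BUF_SIZE 256 /* assumed; the page does not give Achat's buffer size */
enum { MSG_OK = 0, MSG_TOO_LONG = -1, MSG_EMPTY = -2 };

/* Stand-in for the application's message processing: counts printable bytes. */
static size_t process_message(const char *msg, size_t len) {
    size_t printable = 0;
    for (size_t i = 0; i < len; i++)
        if (msg[i] >= 0x20 && msg[i] < 0x7f) printable++;
    return printable;
}

/* BEFORE: the datagram length comes from the network and is never compared
 * with the size of the stack buffer. Any len >= MSG_BUF_SIZE writes past
 * msg[] into adjacent stack data (on 32-bit Windows, the SEH record). */
size_t handle_datagram_unchecked(const unsigned char *data, size_t len) {
    char msg[MSG_BUF_SIZE];
    memcpy(msg, data, len);          /* no bounds check */
    msg[len] = '\0';
    return process_message(msg, len);
}

/* AFTER: reject the datagram before copying; never truncate silently. */
int handle_datagram_checked(const unsigned char *data, size_t len, size_t *printable_out) {
    char msg[MSG_BUF_SIZE];
    if (data == NULL || len == 0) return MSG_EMPTY;
    if (len >= sizeof msg) return MSG_TOO_LONG;  /* leaves room for the NUL */
    memcpy(msg, data, len);
    msg[len] = '\0';
    *printable_out = process_message(msg, len);
    return MSG_OK;
}

int main(void) {
    unsigned char big[1024];         /* constructed oversize datagram */
    size_t n = 0;
    memset(big, 'A', sizeof big);
    printf("short: %d\n", handle_datagram_checked((const unsigned char *)"hello", 5, &n));
    printf("oversize: %d\n", handle_datagram_checked(big, sizeof big, &n));
    return 0;
}
```

Only the checked handler is exercised in `main`; the unchecked one is shown for comparison and is never called.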
Impact
Exploiting this vulnerability triggers a stack-based buffer overflow that overwrites the structured exception handler, leading to remote code execution.
Reproduction
The vulnerability can be reproduced by sending a crafted message to the Achat application running on Windows XP SP3 or Windows 7, via UDP port 9256. The Metasploit module for this vulnerability automates this process, taking care of the necessary payload adjustments and timing considerations.
