Oct 4, 2009

Cain and Abel Malformed RDP File Buffer Overflow

Cain and Abel is prone to a buffer-overflow vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. This issue affects Cain & Abel 4.9.24 and prior versions.
This is an example of how security and hacking tools themselves might be vulnerable to attack. You can download the exploit code from Milw0rm.

# ITS ©
# 2008 - 2009

No comments:

Post a Comment