module
ActiveFax (ActFax) 4.3 Client Importer Buffer Overflow
| Disclosed | Created |
|---|---|
| 2012-08-28 | 2018-05-30 |
Disclosed
2012-08-28
Created
2018-05-30
Description
This module exploits a vulnerability in ActiveFax Server. The vulnerability is
a stack based buffer overflow in the "Import Users from File" function, due to the
insecure usage of strcpy while parsing the csv formatted file. The module creates a
.exp file that must be imported with ActiveFax Server. It must be imported with the
default character set 'ECMA-94 / Latin 1 (ISO 8859)'. The module has been tested
successfully on ActFax Server 4.32 over Windows XP SP3 and Windows 7 SP1. In the
Windows XP case, when ActFax runs as a service, it will execute as SYSTEM.
a stack based buffer overflow in the "Import Users from File" function, due to the
insecure usage of strcpy while parsing the csv formatted file. The module creates a
.exp file that must be imported with ActiveFax Server. It must be imported with the
default character set 'ECMA-94 / Latin 1 (ISO 8859)'. The module has been tested
successfully on ActFax Server 4.32 over Windows XP SP3 and Windows 7 SP1. In the
Windows XP case, when ActFax runs as a service, it will execute as SYSTEM.
Authors
Craig Freyman
Brandon Perry
juan vazquez juan.vazquez@metasploit.com
Brandon Perry
juan vazquez juan.vazquez@metasploit.com
Platform
Windows
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.