module
ISS PAM.dll ICQ Parser Buffer Overflow
Disclosed | Created |
---|---|
2004-03-18 | 2018-05-30 |
Description
This module exploits a stack buffer overflow in ISS products that use
the iss-pam1.dll ICQ parser (BlackICE/RealSecure). Successful exploitation
results in arbitrary code execution as LocalSystem. The exploit
requires only one UDP packet, which can be both spoofed and sent to a broadcast
address.
The ISS exception handler recovers the process after each overflow, giving
us the ability to brute-force the service and exploit it multiple times.
Author
spoonm spoonm@no$email.com
Platform
Windows
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:
