module
Race River Integard Home/Pro LoginAdmin Password Stack Buffer Overflow
| Disclosed | Created |
|---|---|
| Sep 7, 2010 | May 30, 2018 |
Disclosed
Sep 7, 2010
Created
May 30, 2018
Description
This module exploits a stack buffer overflow in Race river's Integard Home/Pro
internet content filter HTTP Server. Versions prior to 2.0.0.9037 and 2.2.0.9037 are
vulnerable.
The administration web page on port 18881 is vulnerable to a remote buffer overflow
attack. By sending a long character string in the password field, both the structured
exception handler and the saved extended instruction pointer are over written, allowing
an attacker to gain control of the application and the underlying operating system
remotely.
The administration website service runs with SYSTEM privileges, and automatically
restarts when it crashes.
internet content filter HTTP Server. Versions prior to 2.0.0.9037 and 2.2.0.9037 are
vulnerable.
The administration web page on port 18881 is vulnerable to a remote buffer overflow
attack. By sending a long character string in the password field, both the structured
exception handler and the saved extended instruction pointer are over written, allowing
an attacker to gain control of the application and the underlying operating system
remotely.
The administration website service runs with SYSTEM privileges, and automatically
restarts when it crashes.
Authors
Platform
Windows
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.