Zero day - Acunetix scanner suffer Buffer Overflow vulnerability

acunetix 8, acunetix 8 buffer over flow, Buffer Overflow vulnerability in Acunetix scanner, Buffer Overflow vulnerability, hackers got hacked, Hacker news,IT Security News,Malware report,vulnerability,hacking news,Cyber crime,Spam mails,the hacker, Hacker news,IT Security News,information security,vulnerability,hacking news,Cyber crime,the hacker, Acunetix vulnerability, hacked by Acunetix
Acunetix Zero-day vulnerability
A few weeks ago, Danor Cohen, a Security researcher who recently discovered the 'WinRAR file spoofing vulnerability, once again discovered one more zero-day vulnerability on one of the popular web application vulnerability scanners 'Acunetix'.

Version 8 of the Acunetix application is one of the popular versions, which is the most common cracked version that was published on the net and used by many newbie hackers. Many of the new hackers or other guys scan their sites with Acunetix for the common vulnerability.
Acunetix is a powerful tool for scanning and finding vulnerabilities at websites. Many newbie attackers tend to use this tool due to the simplicity of its use ACUNETIX offers its users a simple wizard base scan that covers many aspects of the vulnerability scan. feature in Acunetix that allows to scan the additional domains or sub-domains detected during the scan.
Danor, have found the Buffer Overflow Vulnerability in Acunetix 8. Researcher explains the vulnerabilities as
After a little research about this option, I figured out that ACUNETIX starts its wizard by sending an HTTP request to the site and learning about it from its HTTP response.
Furthermore the wizard learns about the external related domains from the external sources that appear at the website, for example:
“<img src=http://externalSource.com/someimg.png >”
“<a href=http://externalSource.com/ ></a>”
Etc...
Danor found that if the 'external' source url's length is larger than 268Bytes, the Acunetix vulnerability scanner will get crashed. So if attacker use  put some kind of external source at site, which have the length of 268 Byte’s or more, Acunetix get crashed, say something like this:
<A href=“http://AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAA”>
For this Zeroday Vulnerability, Danor have shown a video demonstration.
What can Attacker Do?
Further more exploiting the vulnerability Researcher successfully managed to execute the (calc.exe). So attacker can modify the code with the malicious code and infect the computers of newbies with a malware who attempt to scan their websites.
Read Also
Post a Comment
Table of Contents

Loading…