Description:
|
This exploits a stack buffer overflow in the AgentX++ library, as used by various applications. By sending a specially crafted request, an attacker can execute arbitrary code, potentially with SYSTEM privileges. This Metasploit module was tested successfully against master.exe as included with Real Network\\'s Helix Server v12. When installed as a service with Helix Server, the service runs as SYSTEM, has no recovery action, but will start automatically on boot. This Metasploit module does not work with NX/XD enabled but could be modified easily to do so. The address
|