Full Disclosure mailing list archives

Buffer Overflow in Advanced Encryption Package Software


From: vishnu raju <rajuvishnu52 () gmail com>
Date: Sun, 3 Jan 2016 14:10:19 +0530

Dear List,

Greetings from vishnu (@dH4wk)

1. Vulnerable Product

   - Advanced Encryption Package
   - Company http://www.aeppro.com/

2. Vulnerability Information

 (A) Buffer Overflow
     Impact: Attacker gains administrative access
     Remotely Exploitable: No
     Locally Exploitable: Yes


3. Vulnerability Description
    The vulnerability resides in the registration part of the product. The
product exhibits no input length check and uses vulnerable functions to
copy/compare the input.

The buffer overflow is in the SEH handler such that when the overflow
exception occurs, the next handler in the exception chain is affected.
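To illustrate the defect class the advisory describes (a registration string copied into a fixed-size buffer with no length check), here is a constructed C example showing the unsafe copy pattern next to a length-checked version. This is added example code, not the product's code, and nothing in it is taken from the advisory: the buffer size, the key format and the expected key are all invented for the demonstration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed illustration: a fixed-size stack buffer that receives a
 * user-supplied registration string. The size is an assumption. */
#define KEY_BUF_SIZE 32

/* Assumed expected key, used only so the example has something to compare. */
static const char EXPECTED_KEY[] = "EXAMPLE-KEY-0000";

/* Unsafe pattern, shown for contrast and never called below: strcpy() has no
 * notion of the destination size, so an input longer than KEY_BUF_SIZE - 1
 * writes past the buffer and over whatever follows it on the stack. */
void copy_key_unchecked(char *dst, const char *src) {
    strcpy(dst, src);
}

/* Bounded length scan: never reads more than max bytes of s. */
static size_t bounded_len(const char *s, size_t max) {
    size_t n = 0;
    while (n < max && s[n] != '\0') n++;
    return n;
}

/* Hardened copy: reject the input before copying unless it fits together with
 * its NUL terminator. Returns 1 on success, 0 if the input was rejected. */
int copy_key_checked(char *dst, size_t dst_size, const char *src) {
    size_t len = bounded_len(src, dst_size);
    if (len >= dst_size) {
        return 0;              /* too long, or not terminated within dst_size */
    }
    memcpy(dst, src, len + 1); /* exactly len bytes plus the NUL */
    return 1;
}

/* Simulated registration step (constructed). Returns -1 when the key is
 * rejected for length, 0 when it fits but does not match, 1 when it matches. */
int try_register_key(const char *key) {
    char key_buf[KEY_BUF_SIZE];
    if (!copy_key_checked(key_buf, sizeof key_buf, key)) {
        return -1;
    }
    /* Compare with a bounded function too; the comparison cannot run past the buffer. */
    return strncmp(key_buf, EXPECTED_KEY, sizeof key_buf) == 0 ? 1 : 0;
}

/* Helper for the driver and tests: a key made of n 'A' characters (n < 64). */
const char *key_of_as(size_t n) {
    static char buf[64];
    if (n >= sizeof buf) n = sizeof buf - 1;
    memset(buf, 'A', n);
    buf[n] = '\0';
    return buf;
}

int main(void) {
    printf("matching key      -> %d\n", try_register_key(EXPECTED_KEY));     /* 1 */
    printf("31 x 'A' (fits)   -> %d\n", try_register_key(key_of_as(31)));    /* 0 */
    printf("32 x 'A' (no NUL) -> %d\n", try_register_key(key_of_as(32)));    /* -1 */
    printf("48 x 'A' (long)   -> %d\n", try_register_key(key_of_as(48)));    /* -1 */
    return 0;
}
```

The check happens before the copy, and the rejection threshold is one byte short of the buffer so the terminator always fits; the comparison is bounded for the same reason. The same shape applies to any fixed buffer that receives licence or activation input.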

The windbg details are given below:

(44c.4ac): Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for activationwizard.dll -
activationwizard!uninitialize+0x17959:
03708fd9 66833800        cmp     word ptr [eax],0
ds:002b:41414141=????


0:000:x86> r
eax=41414141 ebx=41414141 ecx=00000007 edx=00000073 esi=0371ffea
edi=7ffffffe
eip=03708fd9 esp=001884ac ebp=00188538 iopl=0         nv up ei pl nz na po nc
cs=0023  ss=002b  ds=002b  es=002b  fs=0053  gs=002b
efl=00010202
activationwizard!uninitialize+0x17959:
03708fd9 66833800        cmp     word ptr [eax],0
ds:002b:41414141=????

Regards,
Vishnu Raju.

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

