This Metasploit module exploits a stack overflow in Free Download Manager Remote Control 2.5 Build 758. When sending a specially crafted Authorization header, an attacker may be able to execute arbitrary code.
dd951e3b76f1cceb5b28d6432c1052bdca89b18ba6a09ce966da47b148c9daa8
Free Download Manager versions 2.5 and 3.0 stack buffer overflow proof of concept exploit.
39777be1f85065badba6635c5367e461cc771629596f5bf25851de9606d5ee2c
Secunia Research has discovered a vulnerability in Free Download Manager, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the Remote Control Server when processing "Authorization" headers in HTTP requests. This can be exploited to cause a stack-based buffer overflow via an HTTP request containing an overly long "Authorization" header. Successful exploitation allows execution of arbitrary code. Free Download Manager versions 2.5 Build 758 and 3.0 Build 844 are affected.
2d6a98a1c54f3e78b5ee64d40212d81016ff64590c30aaee596d5b936675f6e2