This exploits a stack buffer overflow in the AgentX++ library, as used by various applications. By sending a specially crafted request, an attacker can execute arbitrary code, potentially with SYSTEM privileges. This Metasploit module was tested successfully against master.exe as included with Real Network's Helix Server v12. When installed as a service with Helix Server, the service runs as SYSTEM, has no recovery action, but will start automatically on boot. This Metasploit module does not work with NX/XD enabled but could be modified easily to do so. The address
aac546a12d692ebd057d13d7aa3574502e33b1a073c8fc628113830052ea405c
AgentX++ stack buffer overflow proof of concept exploit.
9e66d7c97044c835c099e68a991b581c76c73dadb00968bebac32159afe1bb6b
iDefense Security Advisory 04.15.10 - Remote exploitation of a stack-based buffer overflow vulnerability within AgentX++, as distributed with multiple vendors' products, allows attackers to execute arbitrary code with the privileges of the AgentX master process. This vulnerability exists within the AgentX::receive_agentx function. By sending multiple blocks of data to the vulnerable function, an attacker could overwrite the data following the stack buffer, including the saved return address.
499590eb81a0b27fc47fa45064c8da26ab84f710c5e3d28fa2e9796dfe3c0034