Full title: KingScada AlarmServer 3.1.2.13 Buffer Overflow Exploit 
Category: remote exploits
Platform: windows
This Metasploit module exploits a stack based buffer overflow found in KingScada versions prior to 3.1.2.13. The vulnerability is triggered when sending a specially crafted packet to the 'AlarmServer' (AEserver.exe) service listening on port 12401. During the parsing of the packet the 3rd dword is used as a size value for a memcpy operation which leads to an overflown stack buffer.

# 0day.today @ http://0day.today/