CVE-2018-25259

Terminal Services Manager 3.1 Buffer Overflow SEH

CVSS 8.6 HIGHEPSS 0.2%CWE-306

Terminal Services Manager 3.1 contains a stack-based buffer overflow vulnerability in the computer names field that allows local attackers to execute arbitrary code by triggering structured exception handling. Attackers can craft a malicious input file with shellcode and jump instructions that overwrite the SEH handler pointer to execute calc.exe or other payloads when imported through the add computers wizard.

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected products

Lizardsystems · Terminal Services Manager

public PoCs found — 1

cve_referencewww.exploit-db.com/exploits/46058unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://lizardsystems.com https://www.exploit-db.com/exploits/46058 https://www.vulncheck.com/advisories/terminal-services-manager-buffer-overflow-seh