Exploitation Summary
EIP tracks 1 public exploit for CVE-2016-20050. PoCs published by Abraham Espinosa.
AI-analyzed exploit summary: This is a functional proof-of-concept for a local buffer overflow vulnerability in NetSchedScan v1.0. It generates a malformed input file that triggers a crash when pasted into the application's Hostname/IP field.
Description
NetSchedScan 1.0 contains a buffer overflow vulnerability in the scan Hostname/IP field that allows local attackers to crash the application by supplying an oversized input string. Attackers can paste a crafted payload containing 388 bytes of data followed by 4 bytes of EIP overwrite into the Hostname/IP field to trigger a denial-of-service condition.
Exploits (1)
References (2)
Scores
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H