WinMod 1.4 (.lst) Local Stack Overflow Exploit
And now this time we have a stack overflow exploit in WinMod 1.4 which is a audio media player available on internet as a freeware. But before downloading such thing remember it is vulnerable to a stack overflow attack.
The WinMod 1.4 is made by Daniel Becker & while testing on Windows XP SP 2 EN , this vulnerability has been discovered by CWH Underground.
Stack Overflow Exploit/ Buffer Overflow
Stack overflow attack is a subtype of buffer overflow attack. What happens basically is program is not prepared for such kind of input & if it is intelligently tricked by intruder can crash the system or can give direct access to root of subjected machine.
Buffer overflow occurs when program tries to write more information into its buffer memory (That is allocated for program) than it is prepared for.
This can severely affect the system as this allows attacker to over write the data & even change the program execution path.
As we know that every programmer who works in C compiler works on program code length & its performance efficiency. Because C is considered as the best for this work. But one thing they forget to focus on is a security. And that is here that stack overflow becomes the major headache in the aspect of security.
Consequences of Stack Overflow in WinMod 1.4
Well, as I told before it can give the heightened access to your system to attacker. But if you wish to use Win Mod player (1.4) then at least wait for its next version or some release of patch. It will make your system secure. If you’re using personal computer away from Internet then, You don’t need to uninstall that Winmod.
If you are connected to some network or office system then uninstall it now & wait for its release.
More About Stack Overflow Exploit
This post was to warn about the exploit in Winmod 1.4 & not meant for teaching you a stack overflow. It is far beyond the scope of this 300 wordss article.
You need to have the advanced coding experience knowledge or at least some hand in C. But I have soem great places where you can be master in stack overflow. (Not sure you can perform, but you can have full understanding for sure.)
You can use any one of following links or all of them.