vendor:
Cain & Abel
by:
Encrypt3d.M!nd
N/A
CVSS
HIGH
Buffer Overflow
120
CWE
Product Name: Cain & Abel
Affected Version From: Cain & Abel 4.9.23
Affected Version To: Cain & Abel 4.9.23
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested: Windows XP SP3 Patched
Cain & Abel 4.9.23 (rdp file) Buffer overflow Exploit
This exploit is for a buffer overflow vulnerability in Cain & Abel 4.9.23. It creates a file (.rdp) that, when decoded with Cain (Remote Desktop Password Decoder), adds an administrator user with a specified password. The shellcode included in the exploit can also open calc.exe.
Mitigation:
Apply the latest patches and updates for Cain & Abel. Avoid opening suspicious .rdp files.