top of page
perceptive_background_267k.jpg

Nsauditor 3.0.28 and 3.2.1.0 contains a buffer overflow vulnerability in the DNS Lookup tool that allows attackers to execute arbitrary code by overwriting memo…

Published:

4 februari 2026 om 23:00:00

Alert date:

5 februari 2026 om 21:07:15

Source:

nvd.nist.gov

Click to open the original link from this advisory

Security Tools

CVE-2020-37119 affects Nsauditor versions 3.0.28 and 3.2.1.0, containing a buffer overflow vulnerability in the DNS Lookup tool. Attackers can exploit this vulnerability by crafting malicious DNS query payloads that trigger a three-byte memory overwrite. The exploit allows bypassing ASLR (Address Space Layout Randomization) protection mechanisms. Successful exploitation enables arbitrary code execution through carefully constructed shellcode. The vulnerability demonstrates how network security tools themselves can become attack vectors when containing memory corruption flaws.

Technical details

Mitigation steps:

Affected products:

Nsauditor

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2020-37119
https://www.exploit-db.com/exploits/48350
https://www.nsauditor.com/
https://www.vulncheck.com/advisories/nsauditor-buffer-overflow-sehaslr-bypass-bytes-overwrite

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page