yTree Stack-Based Buffer Overflow Vulnerability (CVE-2016-20038)
yTree version 1.94-1.1 is vulnerable to a stack-based buffer overflow, allowing local attackers to execute arbitrary code by supplying an excessively long argument to overwrite the stack with shellcode.
yTree versions 1.94 to 1.1 are susceptible to a stack-based buffer overflow vulnerability (CVE-2016-20038). A local attacker can exploit this flaw by providing an overly long command-line argument to the application. The vulnerability allows the attacker to overwrite stack memory and to inject and execute arbitrary code within the context of the yTree application. This could lead to a full system compromise if the attacker gains sufficient privileges. This vulnerability has been publicly known…
Detection coverage: 2 rules
Detect Suspicious yTree CommandLine
Severity: high. Detects suspicious command-line arguments passed to yTree, potentially indicating a buffer overflow attempt.
Detect Shellcode in yTree Command Line
Severity: critical. Detects potential shellcode in the command line of yTree, indicating an exploitation attempt.
Detection queries are kept inside the platform.
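A sketch of the logic the two rule descriptions above imply, added here as an example; it is not the platform's rules or yTree project code. The event layout, rule names, the 256-byte length threshold and the byte heuristics are assumptions to tune against local process-creation telemetry.

```python
import os
import re

# Assumed thresholds, not taken from the advisory; tune against a local baseline.
MAX_ARG_LEN = 256                      # ytree is normally given a directory path
NOP_RUN = re.compile(rb"\x90{8,}")     # long run of x86 NOP bytes
CONTROL = re.compile(rb"[\x00-\x08\x0b-\x1f\x7f]")  # control bytes, tab/LF allowed

def looks_binary(arg: bytes) -> bool:
    """True when an argument is not plausible text (a path or an option)."""
    if NOP_RUN.search(arg) or CONTROL.search(arg):
        return True
    try:
        arg.decode("utf-8")            # legitimate non-ASCII paths still decode
    except UnicodeDecodeError:
        return True
    return False

def classify(event: dict) -> list[str]:
    """Return the (hypothetical) rule names a process-creation event triggers."""
    if os.path.basename(event["exe"]) != "ytree":
        return []
    args = event["argv"][1:]
    hits = []
    if any(len(a) > MAX_ARG_LEN for a in args):
        hits.append("suspicious_commandline:high")
    if any(looks_binary(a) for a in args):
        hits.append("shellcode_in_commandline:critical")
    return hits

# Constructed sample events (normalized process-creation telemetry, not real logs).
EVENTS = [
    {"exe": "/usr/bin/ytree", "argv": [b"ytree", b"/home/alice/projects"]},
    {"exe": "/usr/bin/ytree", "argv": [b"ytree", "/srv/données".encode()]},
    {"exe": "/usr/bin/ytree", "argv": [b"ytree", b"A" * 1200]},
    {"exe": "/usr/bin/ytree", "argv": [b"ytree", b"\x90" * 64 + b"\xcc" * 300]},
    {"exe": "/usr/bin/tree", "argv": [b"tree", b"A" * 1200]},
]

if __name__ == "__main__":
    for ev in EVENTS:
        print(ev["exe"], len(ev["argv"][1]), classify(ev))
```

The length rule alone catches padding-only attempts, while the byte heuristics separate an argument carrying non-text content from a merely long path; the UTF-8 check keeps non-ASCII directory names from raising the critical rule.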