The vulnerability of the Linter Bastion database management system allows a malicious individual to execute arbitrary code with system privileges, as well as bypass the “closed environment” protection mechanism.
The dbcwnt.exe module contains a vulnerable function address 0x4017d4, which reads the value of the NETMBX environment variable into a buffer in the stack, without controlling the size of the copied data. This vulnerability allows a local attacker to execute arbitrary code. Additionally, this...