NetScanTools Basic 2.5 Vulnerable to Local DoS Attacks

A local denial of service vulnerability has been discovered in the NetScanTools Basic Edition freeware version 2.5. This makes the package vulnerable to turning away from the intended user of the program as the software is overflooded with arbitrary requests through an exploitable access channel. Such requests manage to trigger a crash in the system which stops its processes from running, corrupting the intended purpose of the tool package and preventing users from availing the functions it has to offer.

NetScanTools is a set of network tools designed for engineers, computer scientists, technological experts, researchers, systems security officers, and law enforcement officials concerned with cybercrime. It combines a wide array of tools all designed to perform a single function into one package designed to perform all such network operations. A basic version of the freeware also exists for at home users and the purpose behind the software stands to centralize several networking tools into a single easy to use package. The NetScanTools package exists in the Basic, LE, and Pro packages. The particular package affected by this vulnerability is the NetScanTools Basic freeware which is designed to provide users with a DNS tool for IP/hostname resolution and computer DNS information, ping, graphical ping, ping scanner, traceroute, and the tool Whois.

The NetScanTools Basic edition DoS vulnerability crash can be reproduced by the following. First, run the python code “python”. Next, open NetScanTools_Basic_Edition_2.5.txt and copy its contents to clipboard. Then, Open NstBasic.exe > Ping and Traceroute Tools > Ping and paste the clipboard on Target Hostname or IPv4 address. Perform ping and you’ll observe that the system crashes. This vulnerability was discovered by Luis Martinez in version 2.5 of the software on Windows 10 Pro x64 es. A CVE identification code has not been allotted to this vulnerability as of yet, and it is not clear either whether the vendor has been informed. As the vulnerability is locally exploitable, it is considered to have a relatively lower degree of risk but if a system is infected with malware that is able to execute arbitrary commands with system privileges then the freeware could be repeatedly crashed with DoS, unable to perform its intended services.

Aaron Michael
Aaron Micheal is an electrical engineer by profession and a hard-core gamer by passion. His exceptional experience with computer hardware and profound knowledge in gaming makes him a very competent writer. What makes him unique is his growing interest in the state of the art technologies that motivates him to learn, adopt, and integrate latest techniques into his work.

Expert Tip

NetScanTools Basic 2.5 Vulnerable to Local DoS Attacks

If the issue is with your Computer or a Laptop you should try using Restoro which can scan the repositories and replace corrupt and missing files. This works in most cases, where the issue is originated due to a system corruption. You can download Restoro by clicking the Download button below.

Download Now

I'm not interested