Cervoise

**Name of the Vulnerable Software and Affected Versions** Nsauditor version 3.0.28 Nsauditor version 3.2.1.0 **Description** A buffer overflow in the DNS Lookup tool allows attackers to execute arbitrary code by overwriting memory. By crafting a malicious DNS query payload, an attacker can trigger a three-byte overwrite to bypass ASLR (Address Space Layout Randomization, a security technique that randomly arranges the address space positions of key data areas of a process) and execute shellcode. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.