CVE-2020-37119

Name of the Vulnerable Software and Affected Versions Nsauditor version 3.0.28 Nsauditor version 3.2.1.0

Description A buffer overflow in the DNS Lookup tool allows attackers to execute arbitrary code by overwriting memory. By crafting a malicious DNS query payload, an attacker can trigger a three-byte overwrite to bypass ASLR (Address Space Layout Randomization, a security technique that randomly arranges the address space positions of key data areas of a process) and execute shellcode.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.