CVE-2018-25427

Arm · Whois

Arm Whois 3.11 is vulnerable to a stack-based buffer overflow, allowing remote attackers to execute arbitrary code.

Executive summary

A critical stack-based buffer overflow in Arm Whois 3.11 allows remote attackers to execute arbitrary code via malformed input.

Vulnerability

The application does not enforce a length limit on input in the IP or domain field. An attacker who supplies more than 658 bytes can overwrite the structured exception handler (SEH) and gain command execution.

Business impact

This vulnerability allows for unauthenticated remote code execution, which can result in full system compromise. With a CVSS score of 9.8, the potential for total system takeover makes this a high-severity risk for any infrastructure running this software.

Remediation

Immediate Action: Update Arm Whois to the latest version to resolve the buffer overflow vulnerability.

Proactive Monitoring: Monitor network traffic for oversized or malformed Whois queries directed at the application.

Compensating Controls: Implement input length validation at the network perimeter or via a firewall to block requests exceeding expected size constraints.
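The length and format check described under Proactive Monitoring and Compensating Controls could look like the sketch below. It is an added example, not code from the vendor or from the original advisory. It assumes a legitimate value is an IP address or a multi-label DNS name of at most 253 bytes; the function names and sample queries are constructed for illustration.

```python
import ipaddress
import re

# Assumption: the longest legitimate value is a DNS name (253 bytes). The
# advisory reports that more than 658 bytes reaches the SEH record.
MAX_QUERY_BYTES = 253
SEH_OVERWRITE_BYTES = 658  # figure taken from the advisory text

# One DNS label: 1-63 letters, digits or hyphens, no leading/trailing hyphen.
_LABEL = re.compile(rb"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")


def classify_query(raw: bytes) -> str:
    """Return 'ok', 'malformed', 'oversized' or 'overflow-length'."""
    value = raw.rstrip(b"\r\n")
    if len(value) > SEH_OVERWRITE_BYTES:
        return "overflow-length"
    if len(value) > MAX_QUERY_BYTES:
        return "oversized"
    if not value:
        return "malformed"
    try:
        ipaddress.ip_address(value.decode("ascii"))
        return "ok"
    except ValueError:  # also covers UnicodeDecodeError for non-ASCII bytes
        pass
    # Assumption: a domain query has at least two labels (name plus TLD).
    labels = value.rstrip(b".").split(b".")
    if len(labels) >= 2 and all(_LABEL.fullmatch(label) for label in labels):
        return "ok"
    return "malformed"


def flag_queries(queries):
    """Return (index, verdict, length) for every query that is not 'ok'."""
    findings = []
    for i, raw in enumerate(queries):
        verdict = classify_query(raw)
        if verdict != "ok":
            findings.append((i, verdict, len(raw.rstrip(b"\r\n"))))
    return findings


# Constructed sample input (not captured traffic).
SAMPLES = [b"example.com\r\n", b"192.0.2.10\r\n", b"2001:db8::1\r\n",
           b"bad_host!.example\r\n", b"a" * 300 + b"\r\n", b"A" * 700 + b"\r\n"]

print(flag_queries(SAMPLES))
```

Values classified as overflow-length exceed the 658-byte figure given in the Vulnerability section and warrant an alert rather than a silent drop.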

Exploitation status

Public Exploit Available: Unknown

Analyst recommendation

Buffer overflow vulnerabilities in network-facing services are highly dangerous. Organizations should verify their versions of Arm Whois and apply updates immediately to mitigate the risk of remote code execution.