Vulnerabilities > CVE-2004-1317 - Remote Security vulnerability in Netcat
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Stack-based buffer overflow in doexec.c in Netcat for Windows 1.1, when running with the -e option, allows remote attackers to execute arbitrary code via a long DNS command.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description Netcat v1.1 "-e" Switch Remote Buffer Overflow Exploit. CVE-2004-1317. Remote exploit for windows platform id EDB-ID:726 last seen 2016-01-31 modified 2004-12-26 published 2004-12-26 reporter class101 source https://www.exploit-db.com/download/726/ title Netcat 1.1 - "-e" Switch Remote Buffer Overflow Exploit description Netcat v1.10 NT Stack Buffer Overflow. CVE-2004-1317. Remote exploit for windows platform id EDB-ID:16436 last seen 2016-02-01 modified 2010-06-22 published 2010-06-22 reporter metasploit source https://www.exploit-db.com/download/16436/ title Netcat 1.10 - NT Stack Buffer Overflow
Metasploit
description | This module exploits a stack buffer overflow in Netcat v1.10 NT. By sending an overly long string we are able to overwrite SEH. The vulnerability exists when netcat is used to bind (-e) an executable to a port in doexec.c. This module tested successfully using "c:\>nc -L -p 31337 -e ftp". |
id | MSF:EXPLOIT/WINDOWS/MISC/NETCAT110_NT |
last seen | 2020-06-01 |
modified | 2017-11-08 |
published | 2007-09-26 |
references | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1317 |
reporter | Rapid7 |
source | https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/misc/netcat110_nt.rb |
title | Netcat v1.10 NT Stack Buffer Overflow |
Packetstorm
data source | https://packetstormsecurity.com/files/download/83199/netcat110_nt.rb.txt |
id | PACKETSTORM:83199 |
last seen | 2016-12-05 |
published | 2009-11-26 |
reporter | patrick |
source | https://packetstormsecurity.com/files/83199/Netcat-v1.10-NT-Stack-Overflow.html |
title | Netcat v1.10 NT Stack Overflow |