Vulnerabilities > CVE-2007-2711 - Remote Buffer Overflow vulnerability in TinyIdentD

047910
CVSS 10.0 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
low complexity
tinyirc
critical
exploit available
metasploit
NVD
Published: 2007-05-16
Updated: 2017-10-11

Summary

Stack-based buffer overflow in TinyIdentD 2.2 and earlier allows remote attackers to execute arbitrary code via a long string to TCP port 113.

Vulnerable Configurations

Part Description Count
Application
Tinyirc
1

Exploit-Db

  • descriptionTinyIdentD <= 2.2 Remote Buffer Overflow Exploit. CVE-2007-2711. Remote exploit for windows platform
    fileexploits/windows/remote/3925.py
    idEDB-ID:3925
    last seen2016-01-31
    modified2007-05-14
    platformwindows
    port113
    published2007-05-14
    reporterThomas Pollet
    sourcehttps://www.exploit-db.com/download/3925/
    titleTinyIdentD <= 2.2 - Remote Buffer Overflow Exploit
    typeremote
  • descriptionTinyIdentD 2.2 Stack Buffer Overflow. CVE-2007-2711. Remote exploit for windows platform
    idEDB-ID:16444
    last seen2016-02-01
    modified2010-09-20
    published2010-09-20
    reportermetasploit
    sourcehttps://www.exploit-db.com/download/16444/
    titleTinyIdentD 2.2 - Stack Buffer Overflow

Metasploit

descriptionThis module exploits a stack based buffer overflow in TinyIdentD version 2.2. If we send a long string to the ident service we can overwrite the return address and execute arbitrary code. Credit to Maarten Boone.
idMSF:EXPLOIT/WINDOWS/MISC/TINY_IDENTD_OVERFLOW
last seen2020-05-26
modified2020-05-23
published2007-05-22
referenceshttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2711
reporterRapid7
sourcehttps://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/misc/tiny_identd_overflow.rb
titleTinyIdentD 2.2 Stack Buffer Overflow

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/83191/tiny_identd_overflow.rb.txt
idPACKETSTORM:83191
last seen2016-12-05
published2009-11-26
reporteracaro
sourcehttps://packetstormsecurity.com/files/83191/TinyIdentD-2.2-Stack-Overflow.html
titleTinyIdentD 2.2 Stack Overflow

References