Vulnerabilities > CVE-2007-4006 - Remote Security vulnerability in Mike Dubman Windows RSH Daemon 1.7

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
mike-dubman
exploit available
metasploit
NVD
Published: 2007-07-26
Updated: 2008-09-05

Summary

Buffer overflow in Mike Dubman Windows RSH daemon (rshd) 1.7 has unknown impact and remote attack vectors, aka ZD-00000034. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine.

Vulnerable Configurations

Part Description Count
Application
Mike_Dubman
1

Exploit-Db

  • descriptionWindows RSH daemon Buffer Overflow. CVE-2007-4006. Remote exploit for windows platform
    idEDB-ID:16427
    last seen2016-02-01
    modified2010-04-30
    published2010-04-30
    reportermetasploit
    sourcehttps://www.exploit-db.com/download/16427/
    titleWindows RSH daemon Buffer Overflow
  • descriptionWindows RSH daemon 1.7 Remote Buffer Overflow Exploit. CVE-2007-4005,CVE-2007-4006. Remote exploit for windows platform
    fileexploits/windows/remote/4222.c
    idEDB-ID:4222
    last seen2016-01-31
    modified2007-07-24
    platformwindows
    port514
    published2007-07-24
    reporterJoey Mengele
    sourcehttps://www.exploit-db.com/download/4222/
    titleWindows RSH daemon 1.7 - Remote Buffer Overflow Exploit
    typeremote

Metasploit

descriptionThis module exploits a vulnerability in Windows RSH daemon 1.8. The vulnerability is due to a failure to check for the length of input sent to the RSH server. A CPORT of 512 -> 1023 must be configured for the exploit to be successful.
idMSF:EXPLOIT/WINDOWS/MISC/WINDOWS_RSH
last seen2020-03-23
modified2017-09-14
published2007-08-10
referenceshttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4006
reporterRapid7
sourcehttps://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/misc/windows_rsh.rb
titleWindows RSH Daemon Buffer Overflow

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/83112/windows_rsh.rb.txt
idPACKETSTORM:83112
last seen2016-12-05
published2009-11-26
reporterMC
sourcehttps://packetstormsecurity.com/files/83112/Windows-RSH-daemon-Buffer-Overflow.html
titleWindows RSH daemon Buffer Overflow

Saint

bid25044
descriptionWindows rshd buffer overflow
osvdb38572
titlewindows_rshd
typeremote

References