Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-1317

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2004-1317
Last Modified 05 Sep 2008 04:40:58
Published 27 Dec 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-1317

Summary

Stack-based buffer overflow in doexec.c in Netcat for Windows 1.1, when running with the -e option, allows remote attackers to execute arbitrary code via a long DNS command.

Vulnerable Systems


References

XF - netcat-doexec-bo(18681)

BUGTRAQ - 20041228 Re: [HAT-SQUAD] NetCat Remote Critical Vulnerability, Poc included

BUGTRAQ - 20041228 Netcat v1.11 For Windows , New fixed version

MISC - http://www.hat-squad.com/en/000142.html

BUGTRAQ - 20041227 [HAT-SQUAD] NetCat Remote Critical Vulnerability, Poc included


Last Updated: 27 May 2016 10:38:59