PT-2004-2241 · Unknown · Netcat For Windows

Class101

Published

2004-12-27

Updated

2017-07-11

CVE-2004-1317

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: Netcat for Windows version 1.1

Description: A stack-based buffer overflow issue exists when running with the -e option, allowing remote attackers to execute arbitrary code via a long DNS command.

Recommendations: For Netcat for Windows version 1.1, avoid using the -e option until a patch is available. As a temporary workaround, consider restricting the use of the DNS command to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2004-1317

Affected Products

Netcat For Windows

PT-2004-2241 · Unknown · Netcat For Windows

CVE-2004-1317

Related Identifiers

Affected Products

References · 9