CVE-1999-0661

Exploitation Summary

EIP tracks 1 public exploit for CVE-1999-0661. PoCs published by netmask.

AI-analyzed exploit summary This exploit is a trojanized version of sendmail 8.12.6, which includes backdoor code that connects to a remote host (66.37.138.99) on port 6667 upon compilation. The backdoor provides a reverse shell with XOR-encoded communication.

Description

A system is running a version of software that was replaced with a Trojan Horse at one of its distribution points, such as (1) TCP Wrappers 7.6, (2) util-linux 2.9g, (3) wuarchive ftpd (wuftpd) 2.2 and 2.1f, (4) IRC client (ircII) ircII 2.2.9, (5) OpenSSH 3.4p1, or (6) Sendmail 8.12.6.

Exploits (1)

exploitdb TROJAN VERIFIED

by netmask · bashremoteunix

https://www.exploit-db.com/exploits/21919

View Code ZIP pw:eip

This exploit is a trojanized version of sendmail 8.12.6, which includes backdoor code that connects to a remote host (66.37.138.99) on port 6667 upon compilation. The backdoor provides a reverse shell with XOR-encoded communication.

Classification

Trojan 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: sendmail 8.12.6

No auth needed

Prerequisites: Compilation of the trojanized sendmail source code

MITRE ATT&CK