Exploitation Summary
EIP tracks 1 public exploit for CVE-2000-0295. PoCs published by Andrew Hobgood.
AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in LCDProc 0.4-pre9 by sending a maliciously crafted 'screen_add' command to the server. The payload includes NOP sleds and shellcode to spawn a shell with the privileges of the LCDProc process.
Description
Buffer overflow in LCDproc allows remote attackers to gain root privileges via the screen_add command.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Andrew Hobgood · cremotelinux
https://www.exploit-db.com/exploits/19868
This exploit targets a buffer overflow vulnerability in LCDProc 0.4-pre9 by sending a maliciously crafted 'screen_add' command to the server. The payload includes NOP sleds and shellcode to spawn a shell with the privileges of the LCDProc process.
Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target:
LCDProc 0.4-pre9
No auth needed
Prerequisites:
Network access to the LCDProc server (port 13666) · LCDProc 0.4-pre9 running on the target
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (5)
Core 5
Core References
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/7829
Exploit, Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/1131
Third Party Advisory, VDB Entry vendor-advisory
x_refsource_gentoo
http://www.securityfocus.com/archive/1/305589/30/26390/threaded
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/4315
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.3.96.1000421010946.15318I-200000%40schizo.strange.net
Scores
EPSS
0.0488
EPSS Percentile
90.9%
Details
Status
published
Products (1)
lcdproc/lcdproc
0.4
Published
Apr 21, 2000
Tracked Since
Feb 18, 2026