CVE-2000-0405

L0pht AntiSniff - Buffer Overflow via Malformed DNS Response Packet

Title source: llm

Exploitation Summary

EIP tracks 3 public exploits for CVE-2000-0405. PoCs published by L0pht, Hugo Breton.

AI-analyzed exploit summary This exploit targets a buffer overflow in @Stake Inc.'s Antisniffer software by sending a malformed DNS packet. It includes shellcode to spawn a reverse shell on port 17664.

Description

Buffer overflow in L0pht AntiSniff allows remote attackers to execute arbitrary commands via a malformed DNS response packet.

Exploits (3)

exploitdb WORKING POC VERIFIED

by L0pht · cremotemultiple

https://www.exploit-db.com/exploits/19918

View Code ZIP pw:eip

This exploit targets a buffer overflow in @Stake Inc.'s Antisniffer software by sending a malformed DNS packet. It includes shellcode to spawn a reverse shell on port 17664.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Antisniffer (versions with DNS test enabled)

No auth needed

Prerequisites: Antisniffer configured to run DNS test · Network access to target

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by L0pht · cremotemultiple

https://www.exploit-db.com/exploits/19917

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in @Stake Inc.'s Antisniffer software (version 1.02) by sending a malformed DNS packet. The payload includes shellcode to spawn a bind shell on port 17664.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Antisniffer 1.02

No auth needed

Prerequisites: Antisniffer configured to run DNS test · Network access to target

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by Hugo Breton · cremotemultiple

https://www.exploit-db.com/exploits/19916

View Code ZIP pw:eip

This exploit targets a buffer overflow in @Stake Inc.'s Antisniffer software during its DNS test phase. It crafts a malformed DNS packet to trigger the overflow, potentially allowing arbitrary code execution on vulnerable systems.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: @Stake Antisniffer (versions with DNS test enabled)

No auth needed

Prerequisites: Antisniffer configured to run DNS test · DNS test phase active

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Exploit, Patch, Vendor Advisory vendor-advisory x_refsource_l0pht

http://www.l0pht.com/advisories/asniff_advisory.txt

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://www.osvdb.org/3179

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/1207

Scores

EPSS 0.0835

EPSS Percentile 94.2%

Details

Status published

Products (2)

atstake/antisniff 1.0

atstake/antisniff 1.0.1

Published May 16, 2000

Tracked Since Feb 18, 2026