CVE-2000-0493

Simple Network Time Sync Daemon - Buffer Overflow via Long String

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2000-0493. PoCs published by Ben Taylor.

AI-analyzed exploit summary This exploit targets a scanf buffer overflow in the Simple Network Time Sync daemon and client version 1.0. It sends a UDP packet with a string longer than 50 characters to trigger the overflow, potentially allowing remote code execution.

Description

Buffer overflow in Simple Network Time Sync (SMTS) daemon allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long string.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Ben Taylor · perlremotelinux

https://www.exploit-db.com/exploits/19978

View Code ZIP pw:eip

This exploit targets a scanf buffer overflow in the Simple Network Time Sync daemon and client version 1.0. It sends a UDP packet with a string longer than 50 characters to trigger the overflow, potentially allowing remote code execution.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Simple Network Time Sync daemon and client version 1.0

No auth needed

Prerequisites: Network access to the target system · Target running Simple Network Time Sync daemon or client version 1.0

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Exploit, Vendor Advisory mailing-list x_refsource_vuln-dev

http://archives.neohapsis.com/archives/vuln-dev/2000-q2/0843.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/1289

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/4602

Scores

EPSS 0.0598

EPSS Percentile 92.4%

Details

Status published

Products (1)

atrius_trivalie_sn/time_sync 1.0.1

Published Jun 01, 2000

Tracked Since Feb 18, 2026