CVE-2000-0740

NAI Net Tools PKI Server 1.0 - Buffer Overflow via Long HTTPS URL

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2000-0740. PoCs published by juliano.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in Network Associates Inc.'s Net Tools PKI server by sending an overly long URL (2965+ characters) to the Enrollment Web Server on port 444. The exploit uses a crafted HTML file to trigger the overflow, potentially leading to remote code execution.

Description

Buffer overflow in strong.exe program in NAI Net Tools PKI server 1.0 before HotFix 3 allows remote attackers to execute arbitrary commands via a long URL in the HTTPS port.

Exploits (1)

exploitdb WORKING POC VERIFIED

by juliano · perlremotewindows

https://www.exploit-db.com/exploits/20134

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in Network Associates Inc.'s Net Tools PKI server by sending an overly long URL (2965+ characters) to the Enrollment Web Server on port 444. The exploit uses a crafted HTML file to trigger the overflow, potentially leading to remote code execution.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Network Associates Net Tools PKI Server 1.0

No auth needed

Prerequisites: Access to the target's Enrollment Web Server on port 444 · SSL-compatible browser to open the crafted HTML file

MITRE ATT&CK