CVE-2001-0221

ja-xklock < 2.7.1 - Local Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2001-0221. PoCs published by dethy.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in the xklock program (FreeBSD 3.5.1 & 4.2) via the -bg command-line argument. It uses a brute-force offset approach to overwrite the return address and execute shellcode for local privilege escalation.

Description

Buffer overflow in ja-xklock 2.7.1 and earlier allows local users to gain root privileges.

Exploits (1)

exploitdb WORKING POC VERIFIED

by dethy · clocalbsd

https://www.exploit-db.com/exploits/286

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in the xklock program (FreeBSD 3.5.1 & 4.2) via the -bg command-line argument. It uses a brute-force offset approach to overwrite the return address and execute shellcode for local privilege escalation.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: xklock (FreeBSD 3.5.1 & 4.2)

No auth needed

Prerequisites: xklock installed setuid root · ability to execute local binaries

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/6073

Exploit, Patch, Vendor Advisory vendor-advisory x_refsource_freebsd

http://archives.neohapsis.com/archives/freebsd/2001-02/0079.html

Scores

EPSS 0.0094

EPSS Percentile 56.3%

Details

Status published

Products (1)

freebsd/ja-xklock < 2.7.1

Published Jun 02, 2001

Tracked Since Feb 18, 2026