CVE-2001-0764

scotty 2.1.0 - Local Buffer Overflow via Long Hostname Command Line Argument

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2001-0764. PoCs published by Larry W. Cashdollar.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in ntping (part of scotty-2.1.9) by supplying a long command-line argument to overwrite the return address and execute arbitrary shellcode. The PoC uses Aleph1's shellcode to spawn a shell.

Description

Buffer overflow in ntping in scotty 2.1.0 allows local users to execute arbitrary code via a long hostname as a command line argument.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Larry W. Cashdollar · clocalunix

https://www.exploit-db.com/exploits/20960

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in ntping (part of scotty-2.1.9) by supplying a long command-line argument to overwrite the return address and execute arbitrary shellcode. The PoC uses Aleph1's shellcode to spawn a shell.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: scotty-2.1.9 (ntping)

No auth needed

Prerequisites: Local access to the target system · ntping must be installed and executable

MITRE ATT&CK