CVE-2001-0830

HIGH

6tunnel < 0.08 - Denial of Service via Socket Resource Exhaustion

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2001-0830. PoCs published by awayzzz.

AI-analyzed exploit summary This exploit is a TCP connection flooder targeting 6tunnel versions prior to 0.08, causing a denial of service by exhausting available sockets. It supports both IPv4 and IPv6 connections and allows customization of port, delay, and number of connections.

Description

6tunnel 0.08 and earlier does not properly close sockets that were initiated by a client, which allows remote attackers to cause a denial of service (resource exhaustion) by repeatedly connecting to and disconnecting from the server.

Exploits (1)

exploitdb WORKING POC VERIFIED
by awayzzz · cdosmultiple
https://www.exploit-db.com/exploits/21126

This exploit is a TCP connection flooder targeting 6tunnel versions prior to 0.08, causing a denial of service by exhausting available sockets. It supports both IPv4 and IPv6 connections and allows customization of port, delay, and number of connections.

Classification
Working Poc 100%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: 6tunnel < 0.08
No auth needed
Prerequisites: Network access to the target 6tunnel server
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Exploit, Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=100386451702966&w=2
Broken Link, Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/3467
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/7337

Scores

CVSS v3 7.5
EPSS 0.0566
EPSS Percentile 92.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-772
Status published
Products (1)
6tunnel_project/6tunnel < 0.08
Published Dec 06, 2001
Tracked Since Feb 18, 2026