CVE-2001-1320

Network Associates PGP Keyserver 7.0 - DoS, RCE

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2001-1320. PoCs published by Metasploit, aushack, including Metasploit module exploits/windows/ldap/pgp_keyserver7.

AI-analyzed exploit summary This Metasploit module exploits a stack buffer overflow in the LDAP service of Network Associates PGP KeyServer 7.0 via a crafted LDAP request, using an egghunter to locate the payload due to space constraints.

Description

Network Associates PGP Keyserver 7.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via exceptional BER encodings (possibly buffer overflows), as demonstrated by the PROTOS LDAPv3 test suite.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/16823

This Metasploit module exploits a stack buffer overflow in the LDAP service of Network Associates PGP KeyServer 7.0 via a crafted LDAP request, using an egghunter to locate the payload due to space constraints.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Network Associates PGP KeyServer 7.0
No auth needed
Prerequisites: Network access to the LDAP service (port 389)
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC GOOD
by aushack · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/ldap/pgp_keyserver7.rb

This Metasploit module exploits a stack buffer overflow in the LDAP service of Network Associates PGP KeyServer 7. It uses an egghunter to locate the payload due to space constraints, demonstrating a functional remote code execution exploit.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Network Associates PGP KeyServer 7.0
No auth needed
Prerequisites: Network access to the target LDAP service (port 389)
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (7)

Core 7
Core References
Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert
http://www.cert.org/advisories/CA-2001-18.html
Patch, Vendor Advisory third-party-advisory government-resource x_refsource_ciac
http://ciac.llnl.gov/ciac/bulletins/l-116.shtml
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/765256
US Government Resource x_refsource_confirm
http://www.kb.cert.org/vuls/id/JPLA-4WESNK
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/6900
Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/3046

Scores

EPSS 0.6832
EPSS Percentile 99.2%

Details

Status published
Products (1)
pgp/keyserver 7.0
Published Jul 16, 2001
Tracked Since Feb 18, 2026