CVE-2002-0163

Squid < 2.4_9 - Heap-Based Buffer Overflow via Compressed DNS Responses

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2002-0163. PoCs published by Teso.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in Squid's DNS resolver (CVE-2002-0163) to achieve remote code execution. It uses a crafted DNS response to overwrite the return address and execute shellcode, spawning a portshell on a specified port.

Description

Heap-based buffer overflow in Squid before 2.4 STABLE4, and Squid 2.5 and 2.6 until March 12, 2002 distributions, allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via compressed DNS responses.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Teso · cremotelinux

https://www.exploit-db.com/exploits/347

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in Squid's DNS resolver (CVE-2002-0163) to achieve remote code execution. It uses a crafted DNS response to overwrite the return address and execute shellcode, spawning a portshell on a specified port.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Squid 2.4.1 and related versions

No auth needed

Prerequisites: Network access to the vulnerable Squid resolver · Knowledge of the target's memory layout

MITRE ATT&CK