CVE-2003-1236

Tanne 0.6.17 - Remote Code Execution via Format String in Logger Function

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2003-1236. PoCs published by dong-h0un yoU.

AI-analyzed exploit summary This exploit targets a format string vulnerability in TANne 0.6.17, leveraging insecure syslog() calls to achieve remote code execution. It crafts a malicious payload to overwrite the GOT entry of syslog() and redirect execution to a shellcode that spawns a rootshell on port 36864.

Description

Multiple format string vulnerabilities in the logger function in netzio.c for Tanne 0.6.17 allows remote attackers to execute arbitrary code via format string specifiers in syslog.

Exploits (1)

exploitdb WORKING POC VERIFIED

by dong-h0un yoU · cremotelinux

https://www.exploit-db.com/exploits/22135

View Code ZIP pw:eip

This exploit targets a format string vulnerability in TANne 0.6.17, leveraging insecure syslog() calls to achieve remote code execution. It crafts a malicious payload to overwrite the GOT entry of syslog() and redirect execution to a shellcode that spawns a rootshell on port 36864.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: TANne 0.6.17

No auth needed

Prerequisites: Network access to the vulnerable TANne service · Knowledge of the target system's memory layout (e.g., GOT addresses)

MITRE ATT&CK