CVE-2004-0313

Exploitation Summary

EIP tracks 6 public exploits for CVE-2004-0313. PoCs published by Metasploit, Rave, NoRpiuS, including Metasploit module exploits/windows/http/psoproxy91_overflow.

AI-analyzed exploit summary This Metasploit module exploits a stack-based buffer overflow in PSO Proxy v0.91 by sending an excessively long string to the web server, overwriting the stack and executing arbitrary code.

Description

Buffer overflow in PSOProxy 0.91 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long HTTP request, as demonstrated using a long (1) GET argument or (2) method name.

Exploits (6)

exploitdb WORKING POC VERIFIED

by Metasploit · rubydoswindows

https://www.exploit-db.com/exploits/16790

View Code ZIP pw:eip

This Metasploit module exploits a stack-based buffer overflow in PSO Proxy v0.91 by sending an excessively long string to the web server, overwriting the stack and executing arbitrary code.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: PSO Proxy v0.91

No auth needed

Prerequisites: Network access to the target server · PSO Proxy v0.91 running on the target

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by Rave · cremotewindows

https://www.exploit-db.com/exploits/156

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in PSOProxy v0.91 by sending a crafted HTTP GET request with a long string of 'A's followed by a shellcode address and the shellcode itself. It spawns a bindshell on port 28876.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: PSOProxy v0.91

No auth needed

Prerequisites: Network access to the target on port 8080 · Target OS and stack address must match one of the provided options

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by NoRpiuS · cremotewindows

https://www.exploit-db.com/exploits/23734

View Code ZIP pw:eip

This exploit targets a remote buffer overflow vulnerability in PSOProxy v0.91. It crafts a malicious buffer with a return address and shellcode to achieve remote code execution.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: PSOProxy v0.91

No auth needed

Prerequisites: Network access to the target · Target running PSOProxy v0.91

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by Li0n7 · cremotewindows

https://www.exploit-db.com/exploits/23733

View Code ZIP pw:eip

This exploit targets a remote buffer overflow vulnerability in PSOProxy 0.91, leveraging a crafted payload to execute arbitrary shellcode. It spawns a reverse shell on port 9191 by overwriting the return address with a JMP ESP instruction from USER32.DLL.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: PSOProxy 0.91

No auth needed

Prerequisites: Network access to the target PSOProxy service · Target running Windows XP SP1 FR with PSOProxy 0.91

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by PaLbOsA · cremotewindows

https://www.exploit-db.com/exploits/23732

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in PSOProxy v0.91, sending a crafted payload with shellcode to open a reverse shell on port 4444. The exploit uses a large buffer filled with NOP sleds and shellcode to achieve remote code execution.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: PSOProxy v0.91

No auth needed

Prerequisites: Network access to the target · PSOProxy v0.91 running on the target

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

metasploit WORKING POC NORMAL

by aushack · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/psoproxy91_overflow.rb

View Code ZIP pw:eip

This Metasploit module exploits a stack buffer overflow in PSO Proxy v0.91 by sending an excessively long string to overwrite the stack, leading to remote code execution. It includes multiple return addresses for different Windows versions and languages.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: PSO Proxy v0.91

No auth needed

Prerequisites: Network access to the target · PSO Proxy v0.91 running on the target

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/15275

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=107730731900261&w=2

Exploit, Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/9706

PSOProxy 0.91 - Buffer Overflow via Long HTTP Request

Exploitation Summary

Description

Exploits (6)

References (3)

Scores

Details