CVE-2004-0409

XChat 1.8.0-2.0.8 - Remote Code Execution via Socks-5 Proxy Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-0409. PoCs published by vade79.

AI-analyzed exploit summary This exploit targets a stack-based buffer overflow in X-Chat versions 1.8.0 to 2.0.8 via malformed SOCKS-5 protocol data. It sends a crafted payload to overwrite the buffer and execute a bind shell, leveraging a fixed offset for reliability.

Description

Stack-based buffer overflow in the Socks-5 proxy code for XChat 1.8.0 to 2.0.8, with socks5 traversal enabled, allows remote attackers to execute arbitrary code.

Exploits (1)

exploitdb WORKING POC VERIFIED

by vade79 · cremotelinux

https://www.exploit-db.com/exploits/296

View Code ZIP pw:eip

This exploit targets a stack-based buffer overflow in X-Chat versions 1.8.0 to 2.0.8 via malformed SOCKS-5 protocol data. It sends a crafted payload to overwrite the buffer and execute a bind shell, leveraging a fixed offset for reliability.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: X-Chat v1.8.0 - v2.0.8

No auth needed

Prerequisites: Network access to target · Target using SOCKS-5 proxy · X-Chat configured to autoconnect

MITRE ATT&CK