CVE-2005-0385

luxman < 0.41 - Buffer Overflow via Long Command Line Argument

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-0385. PoCs published by Kevin Finisterre.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in LuxMan 0.41-19.1, leveraging a crafted environment variable and command-line argument to execute arbitrary shellcode, resulting in local privilege escalation to root.

Description

Buffer overflow in luxman before 0.41, if used with certain insecure svgalib libraries, allows local users to execute arbitrary code via a long -f command line argument.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Kevin Finisterre · perllocallinux
https://www.exploit-db.com/exploits/877

This exploit targets a buffer overflow vulnerability in LuxMan 0.41-19.1, leveraging a crafted environment variable and command-line argument to execute arbitrary shellcode, resulting in local privilege escalation to root.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target: LuxMan 0.41-19.1
No auth needed
Prerequisites: Access to the target system · svgalib configured with 'security compat' · LuxMan installed
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (6)

Core 6
Core References
Exploit, Vendor Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2005/dsa-693
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/393195/2005-03-13/2005-03-19/0
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/19680
Patch vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/12797
Exploit, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/14582

Scores

EPSS 0.0137
EPSS Percentile 68.4%

Details

Status published
Products (2)
frank_mcingvale/luxman 0.41
frank_mcingvale/luxman 0.41_17
Published May 02, 2005
Tracked Since Feb 18, 2026