CVE-2005-0523

ProZilla Download Accelerator 1.3.7.3 - Remote Code Execution via Format String in Location Header

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-0523. PoCs published by Serkan Akpolat.

AI-analyzed exploit summary This exploit targets a format string vulnerability in Prozilla <= 1.3.7.3, leveraging a crafted HTTP response to execute arbitrary shellcode. It includes multiple targets for different Linux distributions and establishes a reverse shell connection.

Description

Format string vulnerability in ProZilla 1.3.7.3 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the Location header.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Serkan Akpolat · cremotelinux

https://www.exploit-db.com/exploits/806

View Code ZIP pw:eip

This exploit targets a format string vulnerability in Prozilla <= 1.3.7.3, leveraging a crafted HTTP response to execute arbitrary shellcode. It includes multiple targets for different Linux distributions and establishes a reverse shell connection.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Racy

Target: Prozilla <= 1.3.7.3

No auth needed

Prerequisites: Network access to the target · Prozilla running on the target system

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Core References

Exploit x_refsource_misc

http://www.securiteam.com/exploits/5WP082KEUW.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/12635

Patch vendor-advisory x_refsource_debian

http://www.debian.org/security/2005/dsa-719

Various Sources x_refsource_misc

http://deicide.siyahsapka.org/exploits/proz_ex2.c

Scores

EPSS 0.0987

EPSS Percentile 94.9%

Details

Status published

Products (9)

prozilla/prozilla_download_accelerator 1.3.0

prozilla/prozilla_download_accelerator 1.3.1

prozilla/prozilla_download_accelerator 1.3.2

prozilla/prozilla_download_accelerator 1.3.3

prozilla/prozilla_download_accelerator 1.3.4

prozilla/prozilla_download_accelerator 1.3.5

prozilla/prozilla_download_accelerator 1.3.5.1

prozilla/prozilla_download_accelerator 1.3.5.2

prozilla/prozilla_download_accelerator 1.3.6

Published May 02, 2005

Tracked Since Feb 18, 2026