CVE-2005-0768

GoodTech Telnet Server 4.0-5.0 - Remote Code Execution via Long String to Port 2380

Title source: llm

Exploitation Summary

EIP tracks 3 public exploits for CVE-2005-0768. PoCs published by Metasploit, Komrade, including Metasploit module exploits/windows/telnet/goodtech_telnet.

AI-analyzed exploit summary This is a Metasploit module exploiting a stack buffer overflow in GoodTech Telnet Server <= 5.0.6 via a long string sent to TCP port 2380, allowing remote code execution.

Description

Buffer overflow in the administration web server for GoodTech Telnet Server 4.0 and 5.0, and possibly all versions before 5.0.7, allows remote attackers to execute arbitrary code via a long string to port 2380.

Exploits (3)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/16817

View Code ZIP pw:eip

This is a Metasploit module exploiting a stack buffer overflow in GoodTech Telnet Server <= 5.0.6 via a long string sent to TCP port 2380, allowing remote code execution.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: GoodTech Telnet Server <= 5.0.6

No auth needed

Prerequisites: Network access to target · Target running vulnerable GoodTech Telnet Server

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by Komrade · c++doswindows

https://www.exploit-db.com/exploits/882

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in GoodTech Telnet Server by sending a maliciously crafted HTTP GET request to the administration server on port 2380. The payload consists of a long string (10032 bytes) followed by an invalid memory address (0xDEADC0DE), causing the server to crash.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: GoodTech Telnet Server versions 4.0 - 5.0 (prior to 5.0.7)

No auth needed

Prerequisites: Network access to the target's administration port (2380) · GoodTech Telnet Server version 4.0 - 5.0 (prior to 5.0.7)

MITRE ATT&CK

T1499.004 - Application or System Exploitation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

metasploit WORKING POC NORMAL

rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/telnet/goodtech_telnet.rb

View Code ZIP pw:eip

This Metasploit module exploits a stack buffer overflow in GoodTech Telnet Server by sending an overly long string to overwrite the buffer and control program execution. It includes SEH-based payload delivery and targets specific Windows versions with known return addresses.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: GoodTech Systems Telnet Server < 5.0.7

No auth needed

Prerequisites: Network access to the target system · Telnet server running on port 2380

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (2)

Core 2

Core References

Exploit x_refsource_misc

http://unsecure.altervista.org/security/goodtechtelnet.htm

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=111092012415193&w=2

Scores

EPSS 0.7536

EPSS Percentile 98.9%

Details

Status published

Products (2)

goodtech_systems/goodtech_telnet_server 4.0

goodtech_systems/goodtech_telnet_server 5.0

Published May 02, 2005

Tracked Since Feb 18, 2026