CVE-2005-1110

SUMUS 0.2.2 - Remote Code Execution via Large Packet to TCP Port 81

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-1110. PoCs published by vade79.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in the SUMUS server's HTTPD component (CVE-2005-1110). It leverages a specially crafted buffer to overwrite critical integers and redirect execution to shellcode, providing remote code execution.

Description

Stack-based buffer overflow in the RespondeHTTPPendiente function in the HTTP server for SUMUS 0.2.2 allows remote attackers to execute arbitrary code via a large packet sent to TCP port 81.

Exploits (1)

exploitdb WORKING POC VERIFIED

by vade79 · cremotelinux

https://www.exploit-db.com/exploits/940

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in the SUMUS server's HTTPD component (CVE-2005-1110). It leverages a specially crafted buffer to overwrite critical integers and redirect execution to shellcode, providing remote code execution.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: SUMUS server v0.2.2

No auth needed

Prerequisites: Network access to the target server · SUMUS server running on port 81

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/20110

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=111350491800089&w=2

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1013717

Scores

EPSS 0.0467

EPSS Percentile 90.6%

Details

Status published

Products (1)

sumus/sumus 0.2.2

Published May 02, 2005

Tracked Since Feb 18, 2026