CVE-2005-4076

Appfluent Technology Database IDS 2.0 - Local Buffer Overflow via APPFLUENT_HOME Environment Variable

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-4076. PoCs published by c0ntex.

AI-analyzed exploit summary This exploit leverages a stack-based buffer overflow in Appfluent Database IDS v2.0 via the $APPFLUENT_HOME environment variable. It uses a crafted environment variable to overflow the stack and execute arbitrary shellcode, leading to local privilege escalation to root when executed via sudo.

Description

Buffer overflow in Appfluent Technology Database IDS 2.0 allows local users to execute arbitrary code via a long APPFLUENT_HOME environment variable.

Exploits (1)

exploitdb WORKING POC VERIFIED

by c0ntex · clocalsolaris

https://www.exploit-db.com/exploits/1360

View Code ZIP pw:eip

This exploit leverages a stack-based buffer overflow in Appfluent Database IDS v2.0 via the $APPFLUENT_HOME environment variable. It uses a crafted environment variable to overflow the stack and execute arbitrary shellcode, leading to local privilege escalation to root when executed via sudo.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: Appfluent Database IDS v2.0

Auth required

Prerequisites: User must be in sudoers file with permission to run the watcher process · Sudo must honor environment variables (env_reset not set) · $APPFLUENT_HOME environment variable must be set

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1555 - Credentials from Password Stores

devstral-2 · analyzed Feb 16, 2026 Full analysis →