CVE-2006-3546

ADA Image Server - Denial of Service via Long HTTP POST Request

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2006-3546. PoCs published by n00b, Xavier de Leon.

AI-analyzed exploit summary This exploit sends an overly long HTTP POST request to ImgSvr.exe, causing an access violation and crashing the server. It demonstrates a denial-of-service (DoS) vulnerability in the target software.

Description

Patrice Freydiere ImgSvr (aka ADA Image Server) allows remote attackers to cause a denial of service (daemon crash) via a long HTTP POST request. NOTE: this might be the same issue as CVE-2004-2463.

Exploits (2)

exploitdb WORKING POC VERIFIED

by n00b · perldoswindows

https://www.exploit-db.com/exploits/1980

View Code ZIP pw:eip

This exploit sends an overly long HTTP POST request to ImgSvr.exe, causing an access violation and crashing the server. It demonstrates a denial-of-service (DoS) vulnerability in the target software.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: ImgSvr.exe (version not specified)

No auth needed

Prerequisites: Network access to the target server · ImgSvr.exe running on the target

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by Xavier de Leon · pythonlocallinux

https://www.exploit-db.com/exploits/1297

View Code ZIP pw:eip

This exploit targets a local privilege escalation vulnerability in F-Secure Anti-Virus Internet Gatekeeper for Linux by leveraging symlink and file creation to gain root access via SUID manipulation.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: F-Secure Anti-Virus Internet Gatekeeper for Linux <2.15.484

Auth required

Prerequisites: Local access to the vulnerable system · Presence of vulnerable CGI files in the target directory

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1548.001 - Setuid and Setgid

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/27613

Third Party Advisory third-party-advisory x_refsource_sreason

http://securityreason.com/securityalert/1232

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/438971/100/0/threaded

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/18784

Scores

EPSS 0.0329

EPSS Percentile 86.9%

Details

Status published

Products (1)

ada/imgsvr 0.6.5

Published Jul 13, 2006

Tracked Since Feb 18, 2026