CVE-2006-3670

winlpd < 1.26 - Remote Code Execution via Long String to TCP Port 515


Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-3670. PoCs published by Pablo Isola.

AI-analyzed exploit summary: This is a remote buffer overflow exploit for Winlpd 1.2 Build 1076, leveraging a crafted payload to achieve remote code execution via a TCP connection to port 515. The exploit includes shellcode and a return address for Windows 2K and XP.

Description

Stack-based buffer overflow in Winlpd 1.26 allows remote attackers to execute arbitrary code via a long string in a request to TCP port 515.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Pablo Isola · perl · remote · windows
https://www.exploit-db.com/exploits/2014

Classification: Working PoC (95%)
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Winlpd 1.2 Build 1076
No auth needed
Prerequisites: Network access to the target on port 515 · Vulnerable version of Winlpd running
devstral-2 · analyzed Feb 16, 2026

References (9)

Core References
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2006/2823
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/displayvuln.php?osvdb_id=27332
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/441302/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/27759
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/2014
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/21058
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/19011
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1016510

Scores

EPSS 0.0730
EPSS Percentile 93.6%

Details

Status published
Products (1)
rabox/winlpd < 1.26
Published Jul 18, 2006
Tracked Since Feb 18, 2026