CVE-2006-3931
Midirecord 2.0 - Local Buffer Overflow via Long Command Line Argument
Title source: llm
Exploitation Summary
EIP tracks 1 public exploit for CVE-2006-3931. PoCs published by Dedi Dwianto.
AI-analyzed exploit summary
This exploit targets a local buffer overflow in Midirecord 2.0 by overwriting a return address with a crafted buffer and executing shellcode via an environment variable. It uses a standard stack-based overflow technique with a hardcoded return address.
Description
Buffer overflow in the daemon function in midirecord.cc in Tuomas Airaksinen Midirecord 2.0 allows local users to execute arbitrary code via a long command line argument (filename). NOTE: This may not be a vulnerability if Midirecord is not installed setuid.