CVE-2006-4125

dconnect_daemon <= 0.7.0 - Remote Code Execution via Large Nickname in listen_thread_udp

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-4125. PoCs published by Luigi Auriemma.

AI-analyzed exploit summary The provided text describes a buffer overflow vulnerability in DConnect Daemon versions 0.7.0 and prior, allowing remote code execution or denial of service. However, no actual exploit code is included in the snippet.

Description

Stack-based buffer overflow in main.c in DConnect Daemon 0.7.0 and earlier allows remote attackers to execute arbitrary code via a large nickname, which is not properly handled by the listen_thread_udp function.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Luigi Auriemma · textremotemultiple

https://www.exploit-db.com/exploits/28344

View Code ZIP pw:eip

The provided text describes a buffer overflow vulnerability in DConnect Daemon versions 0.7.0 and prior, allowing remote code execution or denial of service. However, no actual exploit code is included in the snippet.

Classification

Writeup 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Theoretical

Target: DConnect Daemon <= 0.7.0

No auth needed

Prerequisites: Network access to the vulnerable DConnect Daemon service

MITRE ATT&CK