CVE-2006-5780

XLink Omni-NFS Server 5.2 - Stack-Based Buffer Overflow via Crafted TCP Packet

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2006-5780. PoCs published by Metasploit, Evgeny Legerov, MC, including Metasploit module exploits/windows/nfs/xlink_nfsd.

AI-analyzed exploit summary This Metasploit module exploits a stack buffer overflow in Xlink Omni-NFS Server 5.2 via a crafted NFS packet, allowing arbitrary code execution. It targets Windows 2000 SP4 English with a specific return address and includes a payload with bad character restrictions.

Description

Stack-based buffer overflow in nfsd.exe in XLink Omni-NFS Server 5.2 allows remote attackers to execute arbitrary code via a crafted TCP packet to port 2049 (nfsd), as demonstrated by vd_xlink.pm.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/16389

This Metasploit module exploits a stack buffer overflow in Xlink Omni-NFS Server 5.2 via a crafted NFS packet, allowing arbitrary code execution. It targets Windows 2000 SP4 English with a specific return address and includes a payload with bad character restrictions.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Xlink Omni-NFS Server 5.2
No auth needed
Prerequisites: Network access to the target on port 2049 · Target running Xlink Omni-NFS Server 5.2 on Windows 2000 SP4 English
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Evgeny Legerov · remotewindows
https://www.exploit-db.com/exploits/2729

This exploit targets a stack overflow vulnerability in Omni-NFS Server 5.2 (nfsd.exe) on Windows 2000 SP4. It crafts a malicious payload to trigger the overflow and execute arbitrary shellcode, leading to remote code execution.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Omni-NFS Server 5.2 (nfsd.exe) on Windows 2000 SP4
No auth needed
Prerequisites: Network access to the target system on port 2049
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC NORMAL
by MC · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/nfs/xlink_nfsd.rb

This Metasploit module exploits a stack buffer overflow in Xlink Omni-NFS Server 5.2 via a crafted NFS packet, allowing arbitrary code execution. It targets Windows 2000 SP4 English with a specific return address and includes a payload encoder.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Xlink Omni-NFS Server 5.2
No auth needed
Prerequisites: Network access to target on port 2049 · Target running Xlink Omni-NFS Server 5.2 on Windows 2000 SP4 English
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (10)

Core 10
Core References
Exploit, Vendor Advisory x_refsource_misc
http://gleg.net/vulndisco_meta.shtml
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/22751
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/20941
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/2729
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2006/4380
Exploit, Vendor Advisory x_refsource_misc
http://gleg.net/downloads/VULNDISCO_META_FREE.tar.gz
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1017172
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/450728/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/30083
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/1831

Scores

EPSS 0.6123
EPSS Percentile 99.0%

Details

Status published
Products (1)
xlink_technology/omni-nfs_server 5.2
Published Nov 07, 2006
Tracked Since Feb 18, 2026