CVE-2007-0368

mbse-bbs <= 0.70 - Local Stack-Based Buffer Overflow via MBSE_ROOT Environment Variable

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-0368. PoCs published by prdelka.

AI-analyzed exploit summary This exploit targets a stack overflow vulnerability in mbse-bbs 0.70.0 and below by overflowing the MBSE_ROOT environment variable. It executes shellcode to spawn a root shell, leveraging a hardcoded return address calculation for non-ASLR systems.

Description

Stack-based buffer overflow in mbse-bbs 0.70 and earlier allows local users to execute arbitrary code via a long string in the MBSE_ROOT environment variable.

Exploits (1)

exploitdb WORKING POC VERIFIED

by prdelka · clocallinux

https://www.exploit-db.com/exploits/3154

View Code ZIP pw:eip

This exploit targets a stack overflow vulnerability in mbse-bbs 0.70.0 and below by overflowing the MBSE_ROOT environment variable. It executes shellcode to spawn a root shell, leveraging a hardcoded return address calculation for non-ASLR systems.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: mbse-bbs <= 0.70.0

No auth needed

Prerequisites: Non-ASLR system · mbse-bbs binary path · Execution permissions

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5

Core References

Mailing List mailing-list x_refsource_fulldisc

http://lists.grok.org.uk/pipermail/full-disclosure/2007-January/051859.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/31639

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/3154

Various Sources x_refsource_misc

http://www.mbse.eu/mbse/mbsebbs/index.html

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/22112

Scores

EPSS 0.0498

EPSS Percentile 91.1%

Details

Status published

Products (9)

michiel_broek/mbse-bbs 0.33.17

michiel_broek/mbse-bbs 0.33.18

michiel_broek/mbse-bbs 0.33.19

michiel_broek/mbse-bbs 0.33.20

michiel_broek/mbse-bbs 0.35.7

michiel_broek/mbse-bbs 0.36

michiel_broek/mbse-bbs 0.38

michiel_broek/mbse-bbs 0.60

michiel_broek/mbse-bbs 0.70

Published Jan 19, 2007

Tracked Since Feb 18, 2026