CVE-2007-1770

ESRI ArcSDE - Buffer Overflow via Long Parameters in Three-Tiered Configurations

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-1770. PoCs published by Heretic2.

AI-analyzed exploit summary This exploit targets a stack-based buffer overflow in ESRI ArcSDE 9.0-9.2sp1, allowing remote code execution by overwriting EIP and executing shellcode. It includes multiple return addresses for different versions and languages, and supports both bind and reverse shells.

Description

Buffer overflow in the ArcSDE service (giomgr) in Environmental Systems Research Institute (ESRI) ArcGIS before 9.2 Service Pack 2, when using three tiered ArcSDE configurations, allows remote attackers to cause a denial of service (giomgr crash) and execute arbitrary code via long parameters in crafted requests.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Heretic2 · c++remotewindows

https://www.exploit-db.com/exploits/4146

View Code ZIP pw:eip

This exploit targets a stack-based buffer overflow in ESRI ArcSDE 9.0-9.2sp1, allowing remote code execution by overwriting EIP and executing shellcode. It includes multiple return addresses for different versions and languages, and supports both bind and reverse shells.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: ESRI ArcSDE 9.0 - 9.2sp1

No auth needed

Prerequisites: Network access to the vulnerable ArcSDE service · Knowledge of target OS and ArcSDE version for correct return address selection

MITRE ATT&CK