CVE-2007-1866

dproxy dproxy-nexgen - Stack-based Buffer Overflow in dns_decode_reverse_name

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-1866. PoCs published by mu-b.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in dproxy-nexgen DNS proxy server, allowing remote code execution via a crafted UDP packet. It includes shellcode for a bind shell on port 4444 and supports multiple targets with specific frame pointer addresses.

Description

Stack-based buffer overflow in the dns_decode_reverse_name function in dns_decode.c in dproxy-nexgen allows remote attackers to execute arbitrary code by sending a crafted packet to port 53/udp, a different issue than CVE-2007-1465.

Exploits (1)

exploitdb WORKING POC VERIFIED

by mu-b · cremotelinux_x86

https://www.exploit-db.com/exploits/3615

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in dproxy-nexgen DNS proxy server, allowing remote code execution via a crafted UDP packet. It includes shellcode for a bind shell on port 4444 and supports multiple targets with specific frame pointer addresses.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: dproxy-nexgen (tar.gz and Debian stable versions)

No auth needed

Prerequisites: Network access to the target's DNS port (53/UDP) · Target must be running vulnerable dproxy-nexgen version

MITRE ATT&CK