CVE-2007-2711

TinyIdentD < 2.2 - Remote Code Execution via Long String to TCP Port 113

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2007-2711. PoCs published by Metasploit, Thomas Pollet, Maarten Boone, including Metasploit module exploits/windows/misc/tiny_identd_overflow.

AI-analyzed exploit summary This exploit targets a stack-based buffer overflow in TinyIdentD 2.2 by sending a crafted string to the ident service (port 113), overwriting the return address to execute arbitrary code. It includes payload handling and specific return addresses for Windows 2000 SP4 and XP SP2.

Description

Stack-based buffer overflow in TinyIdentD 2.2 and earlier allows remote attackers to execute arbitrary code via a long string to TCP port 113.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/16444

This exploit targets a stack-based buffer overflow in TinyIdentD 2.2 by sending a crafted string to the ident service (port 113), overwriting the return address to execute arbitrary code. It includes payload handling and specific return addresses for Windows 2000 SP4 and XP SP2.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: TinyIdentD 2.2
No auth needed
Prerequisites: Network access to the target's ident service (port 113) · Target running TinyIdentD 2.2 on a vulnerable Windows system
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Thomas Pollet · pythonremotewindows
https://www.exploit-db.com/exploits/3925

This exploit targets a buffer overflow vulnerability in tinyidentd by sending a crafted payload to port 113. It includes a NOP sled and alphanumeric shellcode to execute calc.exe, demonstrating remote code execution.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: tinyidentd (version not specified)
No auth needed
Prerequisites: Network access to target port 113 · Vulnerable version of tinyidentd
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC NORMAL
by Maarten Boone · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/misc/tiny_identd_overflow.rb

This Metasploit module exploits a stack-based buffer overflow in TinyIdentD 2.2 by sending a crafted string to the ident service (port 113), overwriting the return address to achieve remote code execution. It includes multiple return addresses for various Windows versions and service packs.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: TinyIdentD 2.2
No auth needed
Prerequisites: Network access to the target's ident service (port 113) · Target running TinyIdentD 2.2 on a vulnerable Windows version
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (6)

Core 6
Core References
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/23981
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/3925
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/1825
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/34298
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/36053
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/25248

Scores

EPSS 0.6271
EPSS Percentile 99.1%

Details

Status published
Products (1)
tinyirc/tinyidentd < 2.2
Published May 16, 2007
Tracked Since Feb 18, 2026