CVE-2007-4566

Alpha Centauri Software SIDVault <2.0f - RCE

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 4 public exploits for CVE-2007-4566. PoCs published by SkuLL-HackeR, His0k4, blake.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in SidVault 2.0e via LDAP, using a SEH-based approach to execute arbitrary shellcode (calc.exe in this case). The payload is crafted with a Metasploit-generated alpha-numeric shellcode and a universal return address.

Description

Multiple buffer overflows in the login mechanism in sidvault in Alpha Centauri Software SIDVault LDAP Server before 2.0f allow remote attackers to execute arbitrary code via crafted LDAP packets, as demonstrated by a long dc entry in an LDAP bind.

Exploits (4)

exploitdb WORKING POC VERIFIED
by SkuLL-HackeR · pythonremotewindows
https://www.exploit-db.com/exploits/9596

This exploit targets a buffer overflow vulnerability in SidVault 2.0e via LDAP, using a SEH-based approach to execute arbitrary shellcode (calc.exe in this case). The payload is crafted with a Metasploit-generated alpha-numeric shellcode and a universal return address.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: SidVault 2.0e
No auth needed
Prerequisites: Network access to the target LDAP service · SidVault 2.0e running on Windows XP SP3 or similar vulnerable environment
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by His0k4 · rubyremotewindows
https://www.exploit-db.com/exploits/9592

This is a Metasploit module exploiting a buffer overflow in SIDVault 2.0e's LDAP service via a maliciously crafted LDAP request. It achieves remote code execution by overflowing the buffer with a payload and precise return address manipulation.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: SIDVault 2.0e
No auth needed
Prerequisites: Network access to the target's LDAP service (port 389) · SIDVault 2.0e running on the target
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by blake · pythonremotewindows
https://www.exploit-db.com/exploits/9586

This exploit targets a buffer overflow vulnerability in SIDVault 2.0e, leveraging a crafted LDAP bind request to execute a shell_bind_tcp payload on Windows XP SP3. The payload binds a shell to port 4444, granting remote command execution.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: SIDVault 2.0e
No auth needed
Prerequisites: Network access to the target system · LDAP service exposed on the target
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Joxean Koret · pythonremotelinux
https://www.exploit-db.com/exploits/4315

This exploit targets a buffer overflow vulnerability in Alpha Centauri Software SIDVault LDAP Server, allowing remote code execution via a crafted LDAP packet. The shellcode is designed to spawn a shell, and the exploit leverages a JMP ESP address in linux-gate.so.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Alpha Centauri Software SIDVault LDAP Server
No auth needed
Prerequisites: Network access to the target LDAP server on port 389
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (8)

Core 8
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1018612
Patch, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/26613
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/3061
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/25460
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/477821/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/36272
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/2976

Scores

EPSS 0.1533
EPSS Percentile 96.3%

Details

CWE
CWE-119
Status published
Products (1)
alpha_centauri_software/sidvault_ldap_server < 2.0e
Published Aug 28, 2007
Tracked Since Feb 18, 2026