CVE-2008-1118

Timbuktu Pro <8.7 - Info Disclosure

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-1118. PoCs published by Core Security.

AI-analyzed exploit summary This PoC exploits a path traversal vulnerability in Timbuktu Pro to upload arbitrary files to a remote system and forge log entries. It uses a sequence of crafted packets to bypass filters and achieve remote file write.

Description

Timbuktu Pro 8.6.5 for Windows, and possibly 8.7 for Mac OS X, does not perform input validation before logging information fields taken from packets from a remote peer, which allows remote attackers to generate crafted log entries, and possibly avoid detection of attacks, via modified (1) computer name, (2) user name, and (3) IP address fields.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Core Security · pythonremotewindows

https://www.exploit-db.com/exploits/5238

View Code ZIP pw:eip

This PoC exploits a path traversal vulnerability in Timbuktu Pro to upload arbitrary files to a remote system and forge log entries. It uses a sequence of crafted packets to bypass filters and achieve remote file write.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Timbuktu Pro (versions prior to the fix for CVE-2008-1118)

No auth needed

Prerequisites: Network access to the target's Timbuktu Pro service (TCP/407)

MITRE ATT&CK