CVE-2008-5405

Cain & Abel <4.9.24 - Buffer Overflow

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 5 public exploits for CVE-2008-5405. PoCs published by Metasploit, Encrypt3d.M!nd, SkD, including Metasploit module exploits/windows/fileformat/cain_abel_4918_rdp.

AI-analyzed exploit summary This exploit targets a stack-based buffer overflow in Cain & Abel v4.9.24 and below via a maliciously crafted RDP file. It leverages a return address overwrite to execute arbitrary shellcode when the victim opens the file in the Remote Desktop Password Decoder tool.

Description

Stack-based buffer overflow in the RDP protocol password decoder in Cain & Abel 4.9.23 and 4.9.24, and possibly earlier, allows remote attackers to execute arbitrary code via an RDP file containing a long string.

Exploits (5)

exploitdb WORKING POC VERIFIED
by Metasploit · rubylocalaix
https://www.exploit-db.com/exploits/16659

This exploit targets a stack-based buffer overflow in Cain & Abel v4.9.24 and below via a maliciously crafted RDP file. It leverages a return address overwrite to execute arbitrary shellcode when the victim opens the file in the Remote Desktop Password Decoder tool.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Cain & Abel <= v4.9.24
No auth needed
Prerequisites: Victim must open the crafted RDP file in Cain & Abel's Remote Desktop Password Decoder tool
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Encrypt3d.M!nd · pythonlocalwindows
https://www.exploit-db.com/exploits/7329

This exploit targets a buffer overflow vulnerability in Cain & Abel 4.9.23 by crafting a malicious .rdp file. When decoded by Cain's Remote Desktop Password Decoder, it executes shellcode to add an administrator user with a specified password.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Cain & Abel 4.9.23
No auth needed
Prerequisites: Victim must open the malicious .rdp file in Cain & Abel
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by SkD · perllocalwindows
https://www.exploit-db.com/exploits/7309

This exploit targets a stack overflow vulnerability in Cain & Abel <= v4.9.24 by crafting a malicious .RDP file. It leverages a JMP ESP instruction in shell32.dll to redirect execution to the shellcode, which spawns a calculator (calc.exe) as a proof of concept.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Cain & Abel <= v4.9.24
No auth needed
Prerequisites: Victim must open the malicious .RDP file in Cain & Abel
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Encrypt3d.M!nd · pythondoswindows
https://www.exploit-db.com/exploits/7297

This PoC demonstrates a buffer overflow in Cain & Abel v4.9.23 by crafting a malicious .rdp file with an oversized payload (8194 'A's) to overwrite SEH records, leading to a crash and potential arbitrary code execution.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Cain & Abel v4.9.23
No auth needed
Prerequisites: Victim must open the malicious .rdp file in Cain & Abel
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC GOOD
rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/cain_abel_4918_rdp.rb

This Metasploit module exploits a stack-based buffer overflow in Cain & Abel v4.9.24 and below via a maliciously crafted RDP file. It leverages SEH overwrites and a payload to achieve remote code execution when the victim opens the file in the Remote Desktop Password Decoder tool.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Cain & Abel v4.9.24 and below
No auth needed
Prerequisites: Victim must open the crafted RDP file in Cain & Abel's Remote Desktop Password Decoder tool
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (9)

Core 9
Core References
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/7309
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/32794
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/32543
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/46940
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/50342
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/3286
Various Sources x_refsource_confirm
http://oxid.netsons.org/phpBB2/viewtopic.php?t=2750
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/4703
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/7297

Scores

EPSS 0.4698
EPSS Percentile 98.7%

Details

CWE
CWE-119
Status published
Products (2)
oxid/cain_and_abel 4.9.23
oxid/cain_and_abel 4.9.24
Published Dec 10, 2008
Tracked Since Feb 18, 2026