CVE-2008-5742

AIST NetCat <3.12 - Open Redirect

Title source: llm

Description

Multiple open redirect vulnerabilities in AIST NetCat 3.12 and earlier allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via (1) the redirect parameter in a logoff action to modules/auth/index.php or (2) the url parameter to modules/linkmanager/redirect.php. NOTE: this was reported within an "HTTP Response Splitting" section in the original disclosure.

Exploits (1)

exploitdb WRITEUP VERIFIED

by s4avrd0w · textwebappsphp

https://www.exploit-db.com/exploits/7560

View Code ZIP pw:eip

References (3)

Core 3

Core References

Third Party Advisory third-party-advisory x_refsource_sreason

http://securityreason.com/securityalert/4819

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/7560

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/32992

Scores

EPSS 0.0330

EPSS Percentile 87.3%

Details

CWE

CWE-59

Status published

Products (8)

netcat/netcat 1.1

netcat/netcat 2.0

netcat/netcat 2.1

netcat/netcat 2.2

netcat/netcat 2.3

netcat/netcat 2.4

netcat/netcat 3.0

netcat/netcat < 3.12

Published Dec 26, 2008

Tracked Since Feb 18, 2026