CVE-2009-4660

BigAnt IM Server 2.50 - Buffer Overflow

Title source: llm

Description

Stack-based buffer overflow in the AntServer Module (AntServer.exe) in BigAnt IM Server 2.50 allows remote attackers to execute arbitrary code via a long GET request to TCP port 6660.

Exploits (4)

exploitdb WORKING POC VERIFIED

by hack4love · pythonremotewindows

https://www.exploit-db.com/exploits/9690

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by blake · pythonremotewindows

https://www.exploit-db.com/exploits/9673

View Code ZIP pw:eip

nomisec WORKING POC

by war4uthor · poc

https://github.com/war4uthor/CVE-2009-4660

View Code ZIP pw:eip

metasploit WORKING POC GREAT

by Lincoln, DouBle_Zer0, jduck · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/misc/bigant_server_usv.rb

View Code ZIP pw:eip

References (6)

[Vendor Advisory] http://secunia.com/advisories/36704

[Third Party Advisory] http://www.attrition.org/pipermail/vim/2009-September/002271.html

[Exploit] http://www.securityfocus.com/bid/36407

[Vendor Advisory] http://www.vupen.com/english/advisories/2009/2679

[Exploit, Third Party Advisory] http://www.exploit-db.com/exploits/9673

[Exploit, Third Party Advisory] http://www.exploit-db.com/exploits/9690

Scores

EPSS 0.8172

EPSS Percentile 99.2%

Details

CWE

CWE-119

Status published

Products (1)

bigantsoft/bigant_messenger 2.50

Published Mar 03, 2010

Tracked Since Feb 18, 2026