CVE-2010-1147

Open Direct Connect Hub 0.8.1 - Authenticated Stack-Based Buffer Overflow via MyINFO Message

Title source: manual

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-1147. PoCs published by Pierre Nogues.

AI-analyzed exploit summary This exploit targets a stack overflow vulnerability in OpenDcHub 0.8.1 via a crafted MyINFO message, allowing remote code execution. It includes shellcode and precise memory addresses for overwriting EIP and ESP.

Description

Stack-based buffer overflow in Open Direct Connect Hub (aka Open DC Hub or OpenDCHub) 0.8.1 allows remote authenticated users to execute arbitrary code via a long MyINFO message.

Exploits (1)

exploitdb WORKING POC

by Pierre Nogues · pythonremotelinux

https://www.exploit-db.com/exploits/11986

View Code ZIP pw:eip

This exploit targets a stack overflow vulnerability in OpenDcHub 0.8.1 via a crafted MyINFO message, allowing remote code execution. It includes shellcode and precise memory addresses for overwriting EIP and ESP.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: OpenDcHub 0.8.1

No auth needed

Prerequisites: Network access to the target's OpenDcHub port (default 5000) · Target running OpenDcHub 0.8.1 on a Unix platform

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (13)

Core 13

Core References

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2010/1044

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2010/1023

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/39129

Issue Tracking x_refsource_confirm

https://bugzilla.redhat.com/show_bug.cgi?id=579206

Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora

http://lists.fedoraproject.org/pipermail/package-announce/2010-April/040380.html

Mailing List mailing-list x_refsource_mlist

http://openwall.com/lists/oss-security/2010/04/03/1

Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora

http://lists.fedoraproject.org/pipermail/package-announce/2010-April/040360.html

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/39664

Exploit mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/510428

Mailing List mailing-list x_refsource_mlist

http://marc.info/?l=oss-security&m=127051570728944&w=2

Exploit x_refsource_misc

http://www.indahax.com/exploits/opendchub-0-8-1-remote-code-execution-exploit#more-600

Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora

http://lists.fedoraproject.org/pipermail/package-announce/2010-April/040421.html

Issue Tracking x_refsource_misc

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=576308

Scores

EPSS 0.0817

EPSS Percentile 94.1%

Details

CWE

CWE-119

Status published

Products (1)

roshan_singh/open_direct_connect_hub 0.8.1

Published Apr 06, 2010

Tracked Since Feb 18, 2026