CVE-2012-4415

Fedora < 0.6.2 - Memory Corruption

Title source: rule

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-4415. PoCs published by Michael Jumper.

AI-analyzed exploit summary This exploit leverages a buffer overflow in libguac (CVE-2012-4415) to achieve remote code execution via return-to-libc on Debian i386 systems. It sends a crafted payload to guacd on port 4822, bypassing non-executable stack protections.

Description

Stack-based buffer overflow in the guac_client_plugin_open function in libguac in Guacamole before 0.6.3 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long protocol name.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Michael Jumper · pythonremotelinux

https://www.exploit-db.com/exploits/37788

View Code ZIP pw:eip

This exploit leverages a buffer overflow in libguac (CVE-2012-4415) to achieve remote code execution via return-to-libc on Debian i386 systems. It sends a crafted payload to guacd on port 4822, bypassing non-executable stack protections.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: guacd 0.6.0-1

No auth needed

Prerequisites: Network access to guacd on port 4822 · Target running Debian i386 with guacd 0.6.0-1

MITRE ATT&CK