CVE-2012-5345

IpTools 0.1.4 - Denial of Service via Long String to TCP Port 23

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-5345. PoCs published by demonalex.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in IPtools 0.1.4's Rcmd service by sending more than 255 characters to TCP port 23, causing a denial-of-service or potential remote code execution. The PoC demonstrates the crash condition but does not include shellcode for RCE.

Description

Buffer overflow in the Remote command server (Rcmd.bat) in IpTools (aka Tiny TCP/IP server) 0.1.4 allows remote attackers to cause a denial of service (crash) via a long string to TCP port 23.

Exploits (1)

exploitdb WORKING POC VERIFIED

by demonalex · perlremotewindows

https://www.exploit-db.com/exploits/36514

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in IPtools 0.1.4's Rcmd service by sending more than 255 characters to TCP port 23, causing a denial-of-service or potential remote code execution. The PoC demonstrates the crash condition but does not include shellcode for RCE.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: IPtools (Tiny TCP/IP server) 0.1.4

No auth needed

Prerequisites: Network access to the target's TCP port 23

MITRE ATT&CK

T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Exploit mailing-list x_refsource_bugtraq

http://archives.neohapsis.com/archives/bugtraq/2012-01/0046.html

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/51312

Scores

EPSS 0.0807

EPSS Percentile 92.4%

Details

CWE

CWE-119

Status published

Products (1)

kepler_lam/iptools 0.1.4

Published Oct 09, 2012

Tracked Since Feb 18, 2026