CVE-2000-0405
published 2000-05-16CVE-2000-0405: Buffer overflow in L0pht AntiSniff allows remote attackers to execute arbitrary commands via a malformed DNS response packet.
PriorityP341critical10CVSS 2.0
AVNACLAuNCCICAC
EXPLOIT
EPSS
8.35%
94.3th percentile
Buffer overflow in L0pht AntiSniff allows remote attackers to execute arbitrary commands via a malformed DNS response packet.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| atstake | antisniff | — | — |
| atstake | antisniff | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Suricata
GPL FTP CWD overflow attempt
suricata·2010-09-23
CVE-1999-0219 GPL FTP CWD overflow attempt
GPL FTP CWD overflow attempt
Rule: alert ftp $EXTERNAL_NET any -> $HOME_NET any (msg:"GPL FTP CWD overflow attempt"; flow:established,to_server; content:"CWD"; nocase; isdataat:100,relative; pcre:"/^CWD\s[^\n]{100}/smi"; reference:bugtraq,11069; reference:bugtraq,1227; reference:bugtraq,1690; reference:bugtraq,6869; reference:bugtraq,7251; reference:bugtraq,7950; reference:cve,1999-0219; reference:cve,1999-1058; reference:cve,1999-1510; reference:cve,2000-1035; reference:cve,2000-1194; reference:cve,2001-0781; reference:cve,2002-0126; reference:cve,2002-0405; classtype:attempted-admin; sid:2101919; rev:25; metadata:created_at 2010_09_23, cve CVE_1999_0219, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_08;)
Exploit-DB
Stake AntiSniff 1.0.1/Researchers 1.0 - DNS Overflow (2)
exploitdb·2000-05-16
CVE-2000-0405 Stake AntiSniff 1.0.1/Researchers 1.0 - DNS Overflow (2)
Stake AntiSniff 1.0.1/Researchers 1.0 - DNS Overflow (2)
---
// source: https://www.securityfocus.com/bid/1207/info
Certain versions of @Stake Inc.'s Antisniffer software contain a remotely exploitable buffer overflow. AntiSniff is a program that was released by L0pht Heavy Industries in July of 1999. It attempts, through a number of tests, to determine if a machine on a local network segment is listening to traffic that is not directed to it (commonly referred to as sniffing). During one particular test there is a problem if a packet that does not adhere to DNS specifications is sent to the AntiSniff machine. This can result in a buffer overflow on the system running AntiSniff. If the packet is crafted appropriately this overflow scenario can be exploited to execute arbitrary code on t
Exploit-DB
Stake AntiSniff 1.0.1/Researchers 1.0 - DNS Overflow (1)
exploitdb·2000-05-16
CVE-2000-0405 Stake AntiSniff 1.0.1/Researchers 1.0 - DNS Overflow (1)
Stake AntiSniff 1.0.1/Researchers 1.0 - DNS Overflow (1)
---
// source: https://www.securityfocus.com/bid/1207/info
Certain versions of @Stake Inc.'s Antisniffer software contain a remotely exploitable buffer overflow. AntiSniff is a program that was released by L0pht Heavy Industries in July of 1999. It attempts, through a number of tests, to determine if a machine on a local network segment is listening to traffic that is not directed to it (commonly referred to as sniffing). During one particular test there is a problem if a packet that does not adhere to DNS specifications is sent to the AntiSniff machine. This can result in a buffer overflow on the system running AntiSniff. If the packet is crafted appropriately this overflow scenario can be exploited to execute arbitrary code on t
Exploit-DB
Stake AntiSniff 1.0.1/Researchers 1.0 - DNS Overflow (3)
exploitdb·2000-05-16
CVE-2000-0405 Stake AntiSniff 1.0.1/Researchers 1.0 - DNS Overflow (3)
Stake AntiSniff 1.0.1/Researchers 1.0 - DNS Overflow (3)
---
// source: https://www.securityfocus.com/bid/1207/info
Certain versions of @Stake Inc.'s Antisniffer software contain a remotely exploitable buffer overflow. AntiSniff is a program that was released by L0pht Heavy Industries in July of 1999. It attempts, through a number of tests, to determine if a machine on a local network segment is listening to traffic that is not directed to it (commonly referred to as sniffing). During one particular test there is a problem if a packet that does not adhere to DNS specifications is sent to the AntiSniff machine. This can result in a buffer overflow on the system running AntiSniff. If the packet is crafted appropriately this overflow scenario can be exploited to execute arbitrary code on t
No writeups or analysis indexed.
2000-05-16
Published