SCAN: Netcat 1.1 doexec.c Buffer Overflow
This signature detects attempts to exploit a known vulnerability in Netcat 1.1. A successful attack could allow the attacker to execute arbitrary code on the targeted system. Failed exploit attempts could result in a denial of service condition.
Extended Description
NetCat is prone to a remotely exploitable buffer overflow. This issue is exposed when the program handles a client request when listening in exec mode, which is specified by the '-e' command line option. Successful exploitation will allow execution of arbitrary code in the context of the program. It is noted that this issue affects the Windows port, and is not known or confirmed to affect the UNIX-based netcat utility.
Affected Products
Netcat netcat
Short Name
SCAN:MISC:NETCAT-DOEXEC-BO
Severity
Major
Recommended
False
Recommended Action
Drop
Category
SCAN
Keywords
1.1 Buffer CVE-2004-1317 Netcat Overflow bid:12106 doexec.c
Release Date
02/26/2013
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3564
Port
TCP/1234
False Positive
Unknown
Vendors
Netcat
CVSS Score
7.5