Vulnerability Details : CVE-2004-2271
Public exploit exists!
Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.
Vulnerability category: OverflowExecute code
Exploit prediction scoring system (EPSS) score for CVE-2004-2271
Probability of exploitation activity in the next 30 days: 79.81%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 98 % EPSS Score History EPSS FAQ
Metasploit modules for CVE-2004-2271
-
Minishare 1.4.1 Buffer Overflow
Disclosure Date: 2004-11-07First seen: 2020-04-26exploit/windows/http/minishare_get_overflowThis is a simple buffer overflow for the minishare web server. This flaw affects all versions prior to 1.4.2. This is a plain stack buffer overflow that requires a "jmp esp" to reach the payload, making this difficult to target many platforms at once. This
CVSS scores for CVE-2004-2271
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
References for CVE-2004-2271
-
http://www.securityfocus.com/bid/11620
MiniShare Server Remote Buffer Overflow VulnerabilityExploit
-
http://archives.neohapsis.com/archives/fulldisclosure/2004-11/0208.html
Vendor Advisory
-
http://www.securiteam.com/exploits/6X00B1PBPC.html
Exploit
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/17978
- http://sourceforge.net/project/shownotes.php?release_id=241158
-
http://securitytracker.com/id?1012106
Exploit
Products affected by CVE-2004-2271
- cpe:2.3:a:minishare:minimal_http_server:*:*:*:*:*:*:*:*