What is CVE-2004-2687?

CVE-2004-2687 is a vulnerability in N/a. Published 2007-09-23.

Is CVE-2004-2687 known to be exploited?

48 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2004-2687

distcc 2.x, as used in XCode 1.5 and others, when not configured to restrict access to the server port, allows remote attackers to execute arbitrary commands via compilation jobs, which are executed by the server without authorization chec…

EPSS: 0.905 (99.6th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

References

20050310 XCode 1.5 and distcc 2.x Exploit (mailing-list, x_refsource_BUGTRAQ)
13378 (x_refsource_OSVDB, vdb-entry)
[distcc] 20040826 Exploit in distcc ( got compromised ;( ) (mailing-list, x_refsource_MLIST)
www.metasploit.org/projects/Framework/exploits.html (x_refsource_MISC)
distcc.samba.org/security.html (x_refsource_CONFIRM)
[distcc] 20040826 Exploit in distcc ( got compromised ;( ) (mailing-list, x_refsource_MLIST)

Frequently asked questions

What is CVE-2004-2687?: CVE-2004-2687 is a vulnerability in N/a. Published 2007-09-23.
Is CVE-2004-2687 known to be exploited?: 48 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.