Stack-based buffer overflow in doexec.c in Netcat for Windows 1.1, when running with the -e option, allows remote malicious users to execute arbitrary code via a long DNS command.
/*
Netcat v11, "-e" Switch, Remote Buffer Overflow Exploit v01
Homepage: wwwsecurityfocuscom/tools/139/scoreit
Affected versions: v11
Fix: Actually none, Hobbit is warned 1 month+ ago, and looks like
to not act, we let him to spread a backdoor :)
Risk: Highly ...
##
# $Id: netcat110_ntrb 9587 2010-06-22 23:57:05Z jduck $
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions Please see the Metasploit
# Framework web site for more information on licensing and terms of use
# metasploitcom/framework/
##
require 'msf/core'
class Me ...