CVE-2004-2687

CVE Database · CVE-2004-2687

CVE-2004-2687

· N/AModified

CVSS v3.1

N/A

EPSS

80.98%

Published

Dec 31, 2004

Modified

Apr 15, 2026

Public PoC / Exploit (2)

All weaponized →

Exploit-DBDistCC Daemon - Command Execution (Metasploit)TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

distcc 2.x, as used in XCode 1.5 and others, when not configured to restrict access to the server port, allows remote attackers to execute arbitrary commands via compilation jobs, which are executed by the server without authorization checks.

Weaknesses (CWE)

CWE-16

Affected Products (2)

apple · xcodevulnerable

samba · sambavulnerable

References (12)

http://archives.neohapsis.com/archives/bugtraq/2005-03/0183.html

http://distcc.samba.org/security.html

http://lists.samba.org/archive/distcc/2004q3/002550.html

http://lists.samba.org/archive/distcc/2004q3/002562.html

http://www.metasploit.org/projects/Framework/exploits.html#distcc_exec

Exploit

http://www.osvdb.org/13378

http://archives.neohapsis.com/archives/bugtraq/2005-03/0183.html

http://distcc.samba.org/security.html

http://lists.samba.org/archive/distcc/2004q3/002550.html

http://lists.samba.org/archive/distcc/2004q3/002562.html

http://www.metasploit.org/projects/Framework/exploits.html#distcc_exec

KEV Catalog EPSS Scores Vendors All CVEs