|
| 1 | +[basic] |
| 2 | +description = "DistCC 分布式编译器守护进程(distccd)存在命令执行漏洞,当服务器未配置访问限制时,远程攻击者可通过向守护进程发送特制的编译任务请求,从而在目标服务器上以守护进程权限执行任意系统命令。该漏洞影响 distcc 2.x 版本(含 XCode 1.5 等集成产品),CVSS 评分 9.3,危害等级严重。建议配置访问控制列表或使用 SSH 加密模式修复。" |
| 3 | +published = "2004-12-31T05:00:00.000" |
| 4 | +remediation = "配置 distccd 的 `--allow` 参数仅允许受信 IP 段(如 `distccd --allow 192.168.1.0/24`),或改用 SSH 加密隧道模式 (`--ssh`) 传输编译任务;在防火墙层面限制 3632 端口的入站访问,仅对编译客户端开放;升级至 distcc 3.0 及以上版本可获得更完善的访问控制机制。" |
| 5 | +score = 9.3 |
| 6 | +severity = "CRITICAL" |
| 7 | +sources = ["nuclei"] |
| 8 | +title = "DistCC 守护进程远程代码执行漏洞" |
| 9 | +updated = "2026-06-16T22:10:08.157" |
| 10 | + |
| 11 | +[exploit] |
| 12 | +exp_urls = [] |
| 13 | +poc_urls = [] |
| 14 | + |
| 15 | +[id] |
| 16 | +aliases = ["CVE-2004-2687"] |
| 17 | +ave_id = "AVE-2004-0007" |
| 18 | + |
| 19 | +[meta] |
| 20 | +collected_at = "2026-07-15T00:00:00Z" |
| 21 | +status = "completed" |
| 22 | + |
| 23 | +[references] |
| 24 | +urls = [ |
| 25 | + "http://archives.neohapsis.com/archives/bugtraq/2005-03/0183.html", |
| 26 | + "http://distcc.samba.org/security.html", |
| 27 | + "http://lists.samba.org/archive/distcc/2004q3/002550.html", |
| 28 | + "http://lists.samba.org/archive/distcc/2004q3/002562.html", |
| 29 | + "http://www.metasploit.org/projects/Framework/exploits.html#distcc_exec", |
| 30 | + "http://www.osvdb.org/13378", |
| 31 | + "https://www.exploit-db.com/exploits/9915", |
| 32 | + "https://github.com/projectdiscovery/nuclei-templates/blob/main/network/cves/2004/CVE-2004-2687.yaml", |
| 33 | + "https://github.com/trickest/cve/blob/a90de4f84b4783951362f491671e1e9decfc17cb/2004/CVE-2004-2687.md", |
| 34 | + "https://github.com/nomi-sec/PoC-in-GitHub/blob/a8dd65f3bd9f09f4c40ddbec294c8d30c1b24bd7/2004/CVE-2004-2687.json", |
| 35 | + "https://github.com/projectdiscovery/nuclei-templates/blob/69a5a3cf926251a00061ec14d208b227367df73d/network/cves/2004/CVE-2004-2687.yaml", |
| 36 | + "https://github.com/arschlochnop/VulnWatchdog/blob/461e9fce2382e9802c4bb94efd2da8b5153bbbe3/data/2004/CVE-2004-2687-k4miyo_CVE-2004-2687.md", |
| 37 | + "https://github.com/rix4uni/cvemapping/blob/72a822f4866721f573938ebc544bcc94c22a338d/2004/CVE-2004-2687/exploit.py", |
| 38 | + "https://github.com/LiuCan01/cve-list-pro/blob/78b55511cee3604c22d518e32822f0435d0cacc0/cve-list/CVE-2004/CVE-2004-2687", |
| 39 | + "https://github.com/HackTricks-wiki/hacktricks/blob/93cd73b85df95ce61853ae639be6d25e8cf3eeb6/src/network-services-pentesting/3632-pentesting-distcc.md", |
| 40 | + "https://github.com/adampielak/nuclei-templates/blob/ac9605f5a915670fd80cb4e1904f4435f1835b65/nuclei-v3/C/CVE-2004-2687_3.yaml", |
| 41 | + "https://github.com/ycdxsb/PocOrExp_in_Github/blob/4fbd60af032aab6c0dd5800ec5f5834d73216d1f/2004/README.md", |
| 42 | + "https://github.com/sari3l/Poc-Monitor/blob/372603f08cfb4e5ff7a25a1c0e01dd52b610397e/2004/CVE-2004-2687.json", |
| 43 | + "https://github.com/h3x0v3rl0rd/distccd_rce_CVE-2004-2687", |
| 44 | + "https://github.com/k4miyo/CVE-2004-2687", |
| 45 | + "https://github.com/angelpimentell/distcc_cve_2004-2687_exploit", |
| 46 | + "https://github.com/micheaol/distccd_rce_CVE-2004-2687", |
| 47 | + "https://github.com/nulltrace1336/Metasploitable-2-Distcc-Exploit-via-Kali-Linux-CVE-2004-2687", |
| 48 | +] |
0 commit comments