Unrated severityNVD Advisory· Published Dec 31, 2004· Updated Apr 16, 2026

CVE-2004-2687

Description

distcc 2.x, as used in XCode 1.5 and others, when not configured to restrict access to the server port, allows remote attackers to execute arbitrary commands via compilation jobs, which are executed by the server without authorization checks.

Affected products

Apple Inc./Xcode
cpe:2.3:a:apple:xcode:1.5:*:*:*:*:*:*:*
Samba (software)/Samba
cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
Range: <=2.18.3

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.metasploit.org/projects/Framework/exploits.htmlnvdExploit
archives.neohapsis.com/archives/bugtraq/2005-03/0183.htmlnvd
distcc.samba.org/security.htmlnvd
lists.samba.org/archive/distcc/2004q3/002550.htmlnvd
lists.samba.org/archive/distcc/2004q3/002562.htmlnvd
www.osvdb.org/13378nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.072
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000