AnalogX SimpleServer:WWW 1.0.1 - GET Buffer Overflow
| EKU-ID: 25294 | CVE: CVE-2000-0011;OSVDB-1184 | OSVDB-ID: |
| Author: Ussr Labs | Published: 1999-12-31 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 25294 | CVE: CVE-2000-0011;OSVDB-1184 | OSVDB-ID: |
| Author: Ussr Labs | Published: 1999-12-31 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/906/info The SimpleServer:WWW personal webserver package from AnalogX can be compromised due to an overflowable buffer. If a GET request longer than 1000 bytes is received, the software will crash and data from the request gets pased to the EIP, meaning that an exploit could be created to run arbitrary code. DoS attack: GET [1000 bytes] HTTP/1.1