Vulnerabilities > CVE-2000-0359 - Unspecified vulnerability in Acme Labs Thttpd

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

acme-labs

critical

nessus

NVD

Published: 2000-10-20

Updated: 2008-09-10

Summary

Buffer overflow in Trivial HTTP (THTTPd) allows remote attackers to cause a denial of service or execute arbitrary commands via a long If-Modified-Since header.

Vulnerable Configurations

Part	Description	Count
Application	Acme_Labs Acme Labs Thttpd 1.90A Acme Labs Thttpd 1.95 Acme Labs Thttpd 2.0 Acme Labs Thttpd 2.0.1 Acme Labs Thttpd 2.0.2 Acme Labs Thttpd 2.0.3 Acme Labs Thttpd 2.0.4	7

Nessus

NASL family	Web Servers
NASL id	THTTPD_BUFFER_OVERFLOW.NASL
description	It is possible to make the remote thttpd server execute arbitrary code by sending a request like : GET / HTTP/1.0 If-Modified-Since: AAA[...]AAAA An attacker may use this to gain control on your computer.
last seen	2020-06-01
modified	2020-06-02
plugin id	10285
published	1999-11-14
reporter	This script is Copyright (C) 1999-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/10285
title	thttpd 2.04 If-Modified-Since Header Remote Buffer Overflow

Summary

Vulnerable Configurations

Nessus

References