Vulnerabilities > CVE-2000-1186 - Unspecified vulnerability in PHF

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

phf

exploit available

NVD

Published: 2001-01-09

Updated: 2017-12-19

Summary

Buffer overflow in phf CGI program allows remote attackers to execute arbitrary commands by specifying a large number of arguments and including a long MIME header.

Vulnerable Configurations

Part	Description	Count
Application	Phf PHF PHF *	1

Exploit-Db

description	phf buffer overflow exploit for Linux-x86. CVE-2000-1186. Webapps exploit for cgi platform
id	EDB-ID:211
last seen	2016-01-31
modified	2000-12-01
published	2000-12-01
reporter	proton
source	https://www.exploit-db.com/download/211/
title	PHF - Buffer Overflow Exploit for Linux-x86

References

http://archives.neohapsis.com/archives/bugtraq/2000-11/0221.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/5970