Vulnerabilities > CVE-2002-1496 - Remote Heap Overflow vulnerability in Null HTTPd
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Heap-based buffer overflow in Null HTTP Server 0.5.0 and earlier allows remote attackers to execute arbitrary code via a negative value in the Content-Length HTTP header.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | Null HTTPd 0.5 Remote Heap Overflow Vulnerability. CVE-2002-1496. Remote exploit for linux platform |
id | EDB-ID:21818 |
last seen | 2016-02-02 |
modified | 2002-09-23 |
published | 2002-09-23 |
reporter | eSDee |
source | https://www.exploit-db.com/download/21818/ |
title | Null HTTPd 0.5 - Remote Heap Overflow Vulnerability |
Nessus
NASL family | Web Servers |
NASL id | NULLHTTPD_CONTENT_LENGTH.NASL |
description | The NullLogic Null HTTPd web server crashed when sent an invalid POST HTTP request with a negative Content-Length field. An attacker may exploit this flaw to disable your service or even execute arbitrary code on your system. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 11183 |
published | 2002-12-02 |
reporter | This script is Copyright (C) 2002-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/11183 |
title | Null httpd Content-Length Header Handling Remote Overflow |
code |
|