Vulnerabilities > CVE-2002-1865 - Denial of Service vulnerability in Multiple Vendor Access Point Embedded HTTP Server

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

d-link

linksys

exploit available

NVD

Published: 2002-12-31

Updated: 2008-09-05

Summary

Buffer overflow in the Embedded HTTP server, as used in (1) D-Link DI-804 4.68, Dl-704 V2.56b6, and Dl-704 V2.56b5 and (2) Linksys Etherfast BEFW11S4 Wireless AP + Cable/DSL Router 1.37.2 through 1.42.7 and Linksys WAP11 1.3 and 1.4, allows remote attackers to cause a denial of service (crash) via a long header, as demonstrated using the Host header.

Vulnerable Configurations

Part	Description	Count
Hardware	D-Link D Link DI 804 4.68 D Link DL 704 2.56_B5 D Link DL 704 2.56_B6	3
Hardware	Linksys Linksys Befw11S4 1.4.2.7 Linksys Befw11S4 1.37.2 Linksys Befw11S4 1.37.2B Linksys Befw11S4 1.37.9B Linksys Befw11S4 1.40.3 Linksys Befw11S4 1.42.7 Linksys Wap11 1.3 Linksys Wap11 1.4	8

Exploit-Db

description	Linksys WAP11 1.3/1.4,D-Link DI-804 4.68/Dl-704 2.56 b5 Embedded HTTP Server DoS Vulnerability. CVE-2002-1865 . Dos exploit for hardware platform
id	EDB-ID:21978
last seen	2016-02-02
modified	2002-11-01
published	2002-11-01
reporter	Mark Litchfield
source	https://www.exploit-db.com/download/21978/
title	Linksys WAP11 1.3/1.4,D-Link DI-804 4.68/Dl-704 2.56 b5 Embedded HTTP Server DoS Vulnerability

Summary

Vulnerable Configurations

Exploit-Db

References