Vulnerabilities > CVE-2002-1904 - Buffer Overflow vulnerability in ghttpd Log() Function

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

gaztek

exploit available

NVD

Published: 2002-12-31

Updated: 2008-09-05

Summary

Buffer overflow in the Log function in util.c in GazTek ghttpd 1.4 through 1.4.3 allows remote attackers to execute arbitrary code via a long HTTP GET request.

Vulnerable Configurations

Part	Description	Count
Application	Gaztek Gaztek Ghttpd 1.4 Gaztek Ghttpd 1.4.1 Gaztek Ghttpd 1.4.2 Gaztek Ghttpd 1.4.3	4

Exploit-Db

description	ghttpd 1.4 Daemon Buffer Overflow Vulnerability. CVE-2001-0820,CVE-2002-1904. Remote exploit for linux platform
id	EDB-ID:20929
last seen	2016-02-02
modified	2001-06-17
published	2001-06-17
reporter	qitest1
source	https://www.exploit-db.com/download/20929/
title	ghttpd 1.4 Daemon Buffer Overflow Vulnerability

Summary

Vulnerable Configurations

Exploit-Db

References