Vulnerabilities > CVE-2003-1247 - Unspecified vulnerability in Positive Software H-Sphere 2.3Rc3

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
positive-software
exploit available
NVD
Published: 2003-12-31
Updated: 2024-11-20

Summary

Multiple buffer overflows in H-Sphere WebShell 2.3 allow remote attackers to execute arbitrary code via (1) a long URL content type in CGI::readFile, (2) a long path in diskusage, and (3) a long fname in flist.

Vulnerable Configurations

Part Description Count
Application
Positive_Software
1

Exploit-Db

  • descriptionH-Sphere Webshell 2.4 remote root exploit. CVE-2003-1247. Remote exploit for linux platform
    idEDB-ID:22129
    last seen2016-02-02
    modified2003-01-06
    published2003-01-06
    reporterCarl Livitt
    sourcehttps://www.exploit-db.com/download/22129/
    titleH-Sphere Webshell 2.4 - Remote Root Exploit
  • descriptionH-Sphere Webshell 2.4 local root exploit. CVE-2003-1247. Local exploit for linux platform
    idEDB-ID:22128
    last seen2016-02-02
    modified2003-01-06
    published2003-01-06
    reporterCarl Livitt
    sourcehttps://www.exploit-db.com/download/22128/
    titleH-Sphere Webshell 2.4 - Local Root Exploit

References