Vulnerabilities > CVE-2003-1247 - Remote Buffer Overrun vulnerability in Positive Software H-Sphere 2.3Rc3
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Multiple buffer overflows in H-Sphere WebShell 2.3 allow remote attackers to execute arbitrary code via (1) a long URL content type in CGI::readFile, (2) a long path in diskusage, and (3) a long fname in flist.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
description H-Sphere Webshell 2.4 remote root exploit. CVE-2003-1247. Remote exploit for linux platform id EDB-ID:22129 last seen 2016-02-02 modified 2003-01-06 published 2003-01-06 reporter Carl Livitt source https://www.exploit-db.com/download/22129/ title H-Sphere Webshell 2.4 - Remote Root Exploit description H-Sphere Webshell 2.4 local root exploit. CVE-2003-1247. Local exploit for linux platform id EDB-ID:22128 last seen 2016-02-02 modified 2003-01-06 published 2003-01-06 reporter Carl Livitt source https://www.exploit-db.com/download/22128/ title H-Sphere Webshell 2.4 - Local Root Exploit
References
- http://psoft.net/misc/webshell_patch.html
- http://secunia.com/advisories/7832
- http://www.iss.net/security_center/static/10999.php
- http://www.iss.net/security_center/static/11002.php
- http://www.iss.net/security_center/static/11003.php
- http://www.securityfocus.com/archive/1/305313
- http://www.securityfocus.com/bid/6527
- http://www.securityfocus.com/bid/6537
- http://www.securityfocus.com/bid/6538
- http://www.securityfocus.com/bid/6540
- http://www.securitytracker.com/id?1005893