CVE-2007-4060 - Buffer Overflow vulnerability in Frank Yaul Corehttp 0.5.3Alpha

CVSS 9.0 - CRITICAL
Attack vector: NETWORK
Attack complexity: LOW
Privileges required: NONE
Confidentiality impact: PARTIAL
Integrity impact: PARTIAL
Availability impact: COMPLETE
Tags: network, low complexity, frank-yaul, critical, exploit available

Summary

Multiple buffer overflows in the HttpSprockMake function in http.c in Frank Yaul corehttp 0.5.3alpha allow remote attackers to execute arbitrary code via a long string in the (1) method name or (2) URI in an HTTP request.

Vulnerable Configurations

Part: Application
Description: Frank_Yaul
Count: 1

Exploit-Db

description: corehttp 0.5.3alpha (httpd) Remote Buffer Overflow Exploit. CVE-2007-4060. Remote exploit for linux platform
file: exploits/linux/remote/4243.c
id: EDB-ID:4243
last seen: 2016-01-31
modified: 2007-07-29
platform: linux
port: 80
published: 2007-07-29
reporter: vade79
source: https://www.exploit-db.com/download/4243/
title: CoreHTTP 0.5.3alpha httpd - Remote Buffer Overflow Exploit
type: remote

Seebug

bulletinFamily: exploit
description: No description provided by source.
id: SSV:18437
last seen: 2017-11-19
modified: 2009-12-02
published: 2009-12-02
reporter: Root
source: https://www.seebug.org/vuldb/ssvid-18437
title: CoreHTTP web server off-by-one buffer overflow vulnerability