Vendor: SimpleServer:WWW
By: SecurityFocus
CVSS: 7.5 (HIGH)
Type: Buffer Overflow
CWE: 119
Product Name: SimpleServer:WWW
Affected Version From: 1
Affected Version To: 1
Patch Exists: YES
Related CWE: CVE-2001-0206
CPE: a:analogx:simpleserver:1.0
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2001

SimpleServer:WWW Buffer Overflow

SimpleServer:WWW is vulnerable to a buffer overflow attack when a GET request longer than 1000 bytes is received. This can lead to arbitrary code execution on the vulnerable system.

Mitigation:

Upgrade to the latest version of SimpleServer:WWW
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/906/info

The SimpleServer:WWW personal webserver package from AnalogX can be compromised due to an overflowable buffer. If a GET request longer than 1000 bytes is received, the software will crash and data from the request gets passed to the EIP, meaning that an exploit could be created to run arbitrary code.

DoS attack:
GET [1000 bytes] HTTP/1.1
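
The defect class described above is an unchecked copy of the request target into a fixed-size buffer. The following is an added example, not code from SimpleServer:WWW or from the advisory, showing a request-line parser that checks the length before copying and answers oversized requests with 414; the function name `parse_get_line`, the `MAX_TARGET` limit and the sample requests are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define MAX_TARGET 1000  /* assumed cap; the advisory reports crashes above 1000 bytes */

enum { REQ_OK = 200, REQ_BAD = 400, REQ_TOO_LONG = 414 };

/* Parse "GET <target> HTTP/x" from `len` received bytes. The target is copied
 * into `out` (capacity `cap`) only after its length has been checked. */
int parse_get_line(const char *req, size_t len, char *out, size_t cap)
{
    static const char method[] = "GET ";
    const size_t mlen = sizeof method - 1;

    if (cap == 0)
        return REQ_BAD;
    out[0] = '\0';
    if (len < mlen || memcmp(req, method, mlen) != 0)
        return REQ_BAD;

    const char *target = req + mlen;
    size_t remaining = len - mlen;
    /* The target ends at the next space; search only inside the buffer. */
    const char *sp = memchr(target, ' ', remaining);
    size_t tlen = sp ? (size_t)(sp - target) : remaining;

    if (tlen > MAX_TARGET || tlen >= cap)   /* check before any copy */
        return REQ_TOO_LONG;
    if (sp == NULL || tlen == 0)
        return REQ_BAD;
    if (remaining - tlen - 1 < 5 || memcmp(sp + 1, "HTTP/", 5) != 0)
        return REQ_BAD;

    memcpy(out, target, tlen);
    out[tlen] = '\0';
    return REQ_OK;
}

int main(void)
{
    char req[2048], out[1024];
    /* Constructed sample: a GET whose target is 1500 filler bytes. */
    memcpy(req, "GET ", 4);
    memset(req + 4, 'A', 1500);
    memcpy(req + 1504, " HTTP/1.1", 9);
    printf("oversized -> %d\n", parse_get_line(req, 1513, out, sizeof out));
    const char *ok = "GET /index.html HTTP/1.1";
    printf("normal    -> %d (%s)\n", parse_get_line(ok, strlen(ok), out, sizeof out), out);
    return 0;
}
```

The parser works on a byte count rather than a NUL-terminated string, so a request with no terminating space or version token is rejected without reading past the received data.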