Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the wp-pagenavi domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u918112125/domains/exploit.company/public_html/wp-includes/functions.php on line 6114
Remote Heap Based Buffer Overflow in Sphiro HTTPD - exploit.company
header-logo
Suggest Exploit
vendor:
Sphiro HTTPD
by:
7.5
CVSS
HIGH
Heap Based Buffer Overflow
120
CWE
Product Name: Sphiro HTTPD
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:

Remote Heap Based Buffer Overflow in Sphiro HTTPD

Sphiro HTTPD is prone to a remote heap based buffer overflow vulnerability. This issue is due to a failure of the application to properly verify buffer boundaries before storing input in fixed buffers. Immediate consequences of this attack may cause the affected daemon to crash, denying service to legitimate users. Furthermore, due to the nature this issue, arbitrary code execution may be possible. This would occur in the context running daemon process.

Mitigation:

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/10249/info

It has been reported that Sphiro HTTPD is prone to a remote heap based buffer overflow vulnerability. This issue is due to a failure of the application to properly verify buffer boundaries before storing input in fixed buffers.

Immediate consequences of this attack may cause the affected daemon to crash, denying service to legitimate users. Furthermore, due to the nature this issue, arbitrary code execution may be possible. This would occur in the context running daemon process.

perl -e 'print "GET HTTP/1.1" . "A"x1000 . "\n\n"' |nc www.example.com 80

Navigation

Suggest Exploit

Services By CQR