Vendor: Surfboard httpd
By: SecurityFocus
CVSS: 7.5 (HIGH)
Type: Buffer Overflow
CWE: 120
Product Name: Surfboard httpd
Affected Version From: 1.1.2009
Affected Version To: Unknown
Patch Exists: YES
Related CWE: N/A
CPE: //a:surfboard_httpd
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Unknown
2002

Surfboard httpd Remote Buffer Overflow Vulnerability

It has been reported that Surfboard httpd is prone to a remote buffer overflow condition that may allow an attacker to gain unauthorized access to a system running the vulnerable software. The issue presents itself when an attacker sends a specially crafted URL request with more than 1024 characters to the server daemon.

Mitigation:

Ensure that all software is up to date and patched with the latest security updates.

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/9299/info

Surfboard version 1.1.9 has been reported to be prone to this issue; however, other versions may be affected as well.

GET /AAAAAAAAAAAA..x1024++ HTTP/1.1\r\n\r\n
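
Added example, not Surfboard's code and not part of the original advisory: a request-target parser in C that checks the length before copying and returns 414 for a request like the one above instead of writing past a fixed buffer. The 1024-byte limit is taken from the advisory's figure; the function name, status enum and buffer sizes are assumptions, and the input in main() is constructed.

```c
#include <stddef.h>
#include <string.h>

#define URI_MAX 1024 /* assumed policy limit, from the advisory's 1024 figure */
enum { REQ_OK = 200, REQ_BAD = 400, REQ_URI_TOO_LONG = 414 };

/* Hypothetical helper: copy the target of "METHOD SP target SP version"
 * into uri_out without ever writing more than uri_cap bytes.
 * Returns an HTTP status code rather than truncating silently. */
int parse_request_target(const char *line, size_t len,
                         char *uri_out, size_t uri_cap)
{
    if (line == NULL || uri_out == NULL || uri_cap == 0)
        return REQ_BAD;
    uri_out[0] = '\0';

    /* The method ends at the first space within the received bytes. */
    const char *sp1 = memchr(line, ' ', len);
    if (sp1 == NULL || sp1 == line)
        return REQ_BAD;
    const char *uri = sp1 + 1;
    size_t remaining = len - (size_t)(uri - line);

    /* The target ends at the next space. If there is none, the line is
     * malformed, or so long that the read buffer cut it off. */
    const char *sp2 = memchr(uri, ' ', remaining);
    if (sp2 == NULL)
        return remaining > URI_MAX ? REQ_URI_TOO_LONG : REQ_BAD;

    size_t uri_len = (size_t)(sp2 - uri);
    if (uri_len == 0)
        return REQ_BAD;
    /* Length check happens before any copy: the bound is the smaller of
     * the policy limit and the room left for the data plus its NUL. */
    if (uri_len > URI_MAX || uri_len >= uri_cap)
        return REQ_URI_TOO_LONG;

    memcpy(uri_out, uri, uri_len);
    uri_out[uri_len] = '\0';
    return REQ_OK;
}

int main(void)
{
    char line[2048], out[URI_MAX + 1];
    memset(line, 'A', sizeof line);          /* constructed 1025-byte target */
    memcpy(line, "GET /", 5);
    memcpy(line + 5 + 1024, " HTTP/1.1\r\n\r\n", 13);
    return parse_request_target(line, 5 + 1024 + 13, out, sizeof out)
               == REQ_URI_TOO_LONG ? 0 : 1;
}
```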