Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0173

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2001-0173
Last Modified 05 Sep 2008 04:23:27
Published 03 May 2001 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-0173

Summary

Buffer overflow in qDecoder library 5.08 and earlier, as used in CrazyWWWBoard, CrazySearch, and other CGI programs, allows remote attackers to execute arbitrary commands via a long MIME Content-Type header.

Vulnerable Systems

Application

  • Nobreak Technologies Crazywwwboard 2000.0lepx

  • Nobreak Technologies Crazywwwboard 2000.0px

  • Nobreak Technologies Crazywwwboard 2000lepx

  • Nobreak Technologies Crazywwwboard 2000px

  • Nobreak Technologies Crazywwwboard 3.0.1

  • Nobreak Technologies Crazywwwboard 98

  • Nobreak Technologies Crazywwwboard 98pe

  • Qdecoder 4.0

  • Qdecoder 4.0.1

  • Qdecoder 4.3

  • Qdecoder 4.3.1

  • Qdecoder 5.0

  • Qdecoder 5.0.1

  • Qdecoder 5.0.2

  • Qdecoder 5.0.3


References

BID - 2329

XF - crazywwwboard-qdecoder-bo

BUGTRAQ - 20010130 Nobreak Tecnologies CrazyWWWBoard Remote Buffer Overflow


Last Updated: 27 May 2016 10:36:10