Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0899

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2003-0899
Last Modified 10 Sep 2008 03:20:54
Published 03 Nov 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0899

Summary

Buffer overflow in defang in libhttpd.c for thttpd 2.21 to 2.23b1 allows remote attackers to execute arbitrary code via requests that contain '<' or '>' characters, which trigger the overflow when the characters are expanded to "<" and ">" sequences.

Vulnerable Systems

Application

  • Acme Labs Thttpd 2.21

  • Acme Labs Thttpd 2.21b

  • Acme Labs Thttpd 2.22

  • Acme Labs Thttpd 2.23b1


References

XF - thttpd-defang-bo(13530)

BID - 8906

SECUNIA - 10092

DEBIAN - DSA-396

BUGTRAQ - 20031027 Remote overflow in thttpd

OSVDB - 2729


Last Updated: 27 May 2016 10:38:06