CVE-1999-0931

Mediahouse Statistics Server - Remote Code Execution via Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-1999-0931. PoCs published by Per Bergehed.

AI-analyzed exploit summary This Perl script exploits a buffer overflow vulnerability in Mediahouse Statistics Server by sending overly long strings to the 'Server ID' field, causing a denial-of-service (DoS). It targets versions 4.28 and 5.01 running on Windows NT 4.0.

Description

Buffer overflow in Mediahouse Statistics Server allows remote attackers to execute commands.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Per Bergehed · perldoswindows

https://www.exploit-db.com/exploits/19562

View Code ZIP pw:eip

This Perl script exploits a buffer overflow vulnerability in Mediahouse Statistics Server by sending overly long strings to the 'Server ID' field, causing a denial-of-service (DoS). It targets versions 4.28 and 5.01 running on Windows NT 4.0.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Mediahouse Statistics Server 4.28, 5.01

No auth needed

Prerequisites: Network access to the target server · Target server running vulnerable version of Mediahouse Statistics Server

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/734

Scores

EPSS 0.0697

EPSS Percentile 93.3%

Details

Status published

Products (2)

mediahouse_software/statistics_server 4.28

mediahouse_software/statistics_server 5.0

Published Sep 30, 1999

Tracked Since Feb 18, 2026