CVE-1999-0996

Infoseek Ultraseek Server - Remote Code Execution via Long GET Request

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-1999-0996. PoCs published by Ussr Labs.

AI-analyzed exploit summary The provided text describes a buffer overflow vulnerability in Infoseek's Ultraseek enterprise search server, which listens on port 8765. The vulnerability allows arbitrary code execution via an overflow in the GET command handler.

Description

Buffer overflow in Infoseek Ultraseek search engine allows remote attackers to execute commands via a long GET request.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Ussr Labs · textremotewindows

https://www.exploit-db.com/exploits/19679

View Code ZIP pw:eip

The provided text describes a buffer overflow vulnerability in Infoseek's Ultraseek enterprise search server, which listens on port 8765. The vulnerability allows arbitrary code execution via an overflow in the GET command handler.

Classification

Writeup 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Theoretical

Target: Infoseek Ultraseek enterprise search server

No auth needed

Prerequisites: Network access to port 8765 on the target server

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Various Sources third-party-advisory x_refsource_eeye

http://www.eeye.com/html/Research/Advisories/AD19991215.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://www.osvdb.org/6490

Scores

EPSS 0.0771

EPSS Percentile 93.8%

Details

Status published

Products (1)

infoseek/ultraseek_server 3.1

Published Dec 15, 1999

Tracked Since Feb 18, 2026