CVE-1999-1030

Web Page Counter 2.70 - Denial of Service via Newline in HTTP Request

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-1999-1030. PoCs published by David Litchfield.

AI-analyzed exploit summary The exploit describes a denial of service vulnerability in counter.exe where malformed input via URL parameters causes an access violation or resource exhaustion. No executable code is provided, only a technical description of the attack vectors.

Description

counter.exe 2.70 allows a remote attacker to cause a denial of service (hang) via an HTTP request that ends in %0A (newline), which causes a malformed entry in the counter log that produces an access violation.

Exploits (1)

exploitdb WRITEUP VERIFIED

by David Litchfield · textdosmultiple

https://www.exploit-db.com/exploits/19212

View Code ZIP pw:eip

The exploit describes a denial of service vulnerability in counter.exe where malformed input via URL parameters causes an access violation or resource exhaustion. No executable code is provided, only a technical description of the attack vectors.

Classification

Writeup 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Theoretical

Target: counter.exe (version unspecified)

No auth needed

Prerequisites: Access to the target web server hosting counter.exe

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Mailing List mailing-list x_refsource_ntbugtraq

http://marc.info/?l=ntbugtraq&m=92707671717292&w=2

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=92713790426690&w=2

Exploit, Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/267

Scores

EPSS 0.0714

EPSS Percentile 93.5%

Details

Status published

Products (1)

behold_software/web_page_counter 2.7

Published May 19, 1999

Tracked Since Feb 18, 2026