CVE-2000-0257

Novell NetWare - Buffer Overflow via Long URL

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2000-0257. PoCs published by Michal Zalewski.

AI-analyzed exploit summary This script exploits a buffer overflow in the Netware Remote Administration utility by sending a maliciously crafted GET request with a large payload (4093 'A' characters) to trigger a DoS or potential arbitrary code execution. The script repeatedly sends these requests to exhaust the TCP/IP subsystem.

Description

Buffer overflow in the NetWare remote web administration utility allows remote attackers to cause a denial of service or execute commands via a long URL.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Michal Zalewski · bashdosnetware

https://www.exploit-db.com/exploits/19854

View Code ZIP pw:eip

This script exploits a buffer overflow in the Netware Remote Administration utility by sending a maliciously crafted GET request with a large payload (4093 'A' characters) to trigger a DoS or potential arbitrary code execution. The script repeatedly sends these requests to exhaust the TCP/IP subsystem.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Netware Remote Administration utility (version not specified)

No auth needed

Prerequisites: Network access to the target server · Netware Remote Administration utility running on port 8008

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/1118

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.21.0004171825340.10088-100000%40nimue.tpi.pl

Scores

EPSS 0.0348

EPSS Percentile 87.6%

Details

Status published

Products (1)

novell/netware 5.1

Published Apr 19, 2000

Tracked Since Feb 18, 2026