CVE-2000-0626

Alibaba - Denial of Service via Long GET Request

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2000-0626. PoCs published by wildcoyote, Prizm.

AI-analyzed exploit summary This exploit sends an abnormally long GET request (> 8000 bytes) to Alibaba Web Server 2.0, causing a denial of service by crashing the service. The PoC allocates a buffer, fills it with 'A' characters, and sends it to the target server.

Description

Buffer overflow in Alibaba web server allows remote attackers to cause a denial of service via a long GET request.

Exploits (2)

exploitdb WORKING POC VERIFIED

by wildcoyote · cdoswindows

https://www.exploit-db.com/exploits/20080

View Code ZIP pw:eip

This exploit sends an abnormally long GET request (> 8000 bytes) to Alibaba Web Server 2.0, causing a denial of service by crashing the service. The PoC allocates a buffer, fills it with 'A' characters, and sends it to the target server.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Alibaba Web Server 2.0

No auth needed

Prerequisites: Network access to the target server · Target server running Alibaba Web Server 2.0

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by Prizm · textremotecgi

https://www.exploit-db.com/exploits/20085

View Code ZIP pw:eip

The exploit demonstrates command injection in Alibaba Web Server by appending piped commands to CGI script URLs. This allows arbitrary command execution with the privileges of the web server process.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Alibaba Web Server

No auth needed

Prerequisites: Target running Alibaba Web Server with vulnerable CGI scripts

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Exploit, Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/1482

Vendor Advisory mailing-list x_refsource_bugtraq

http://archives.neohapsis.com/archives/bugtraq/2000-07/0237.html

Scores

EPSS 0.0609

EPSS Percentile 92.5%

Details

Status published

Products (1)

computer_software_manufaktur/alibaba 2.0

Published Jul 18, 2000

Tracked Since Feb 18, 2026