CVE-2001-0029

oops_proxy_server 1.4.6 - Remote Code Execution via Long Hostname Buffer Overflow

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2001-0029. PoCs published by diman.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in oops-1.4.6 proxy server on FreeBSD 4.x. It uses a hardcoded return address and shellcode to achieve remote code execution, with techniques to handle shellcode placement and corruption.

Description

Buffer overflow in oops WWW proxy server 1.4.6 (and possibly other versions) allows remote attackers to execute arbitrary commands via a long host or domain name that is obtained from a reverse DNS lookup.

Exploits (1)

exploitdb WORKING POC VERIFIED
by diman · cremotebsd
https://www.exploit-db.com/exploits/228

This exploit targets a buffer overflow vulnerability in oops-1.4.6 proxy server on FreeBSD 4.x. It uses a hardcoded return address and shellcode to achieve remote code execution, with techniques to handle shellcode placement and corruption.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: oops-1.4.6
No auth needed
Prerequisites: Network access to the target server · Target running oops-1.4.6 on FreeBSD 4.x
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/2099
Various Sources x_refsource_misc
http://zipper.paco.net/~igor/oops/ChangeLog
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/6122
Exploit mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2000-12/0158.html

Scores

EPSS 0.0609
EPSS Percentile 92.5%

Details

Status published
Products (1)
igor_khasilev/oops_proxy_server 1.4.22
Published Feb 12, 2001
Tracked Since Feb 18, 2026