CVE-2001-0302

Pi3Web 1.0.1 - Buffer Overflow via Long URL

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2001-0302. PoCs published by joetesta.

AI-analyzed exploit summary The exploit describes a buffer overflow vulnerability in Pi3Web web server's ISAPI application, which can be triggered by sending a specially crafted URL with excessive 'A's. It also mentions an information disclosure issue where invalid URLs reveal the web root path.

Description

Buffer overflow in tstisapi.dll in Pi3Web 1.0.1 web server allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long URL.

Exploits (1)

exploitdb WRITEUP VERIFIED

by joetesta · textdoswindows

https://www.exploit-db.com/exploits/20634

View Code ZIP pw:eip

The exploit describes a buffer overflow vulnerability in Pi3Web web server's ISAPI application, which can be triggered by sending a specially crafted URL with excessive 'A's. It also mentions an information disclosure issue where invalid URLs reveal the web root path.

Classification

Writeup 90%

Attack Type

Dos | Info Leak

Complexity

Trivial

Reliability

Theoretical

Target: Pi3Web web server (version not specified)

No auth needed

Prerequisites: Network access to the target server · Pi3Web web server running with ISAPI support

MITRE ATT&CK

T1210 - Exploitation of Remote Services T1119 - Automated Collection

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Exploit, Vendor Advisory mailing-list x_refsource_bugtraq

http://archives.neohapsis.com/archives/bugtraq/2001-02/0316.html

Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/2381

Scores

EPSS 0.0699

EPSS Percentile 93.3%

Details

Status published

Products (1)

pi3/pi3web 1.0.1

Published May 03, 2001

Tracked Since Feb 18, 2026