CVE-2001-0419
Oracle Application Server 4.0.8.2 - Buffer Overflow via Long HTTP Request
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2001-0419. PoCs published by Fyodor Yarochkin.
AI-analyzed exploit summary This exploit demonstrates a buffer overflow in the 'ndwfn4.so' library of Oracle Application Server by sending a crafted HTTP GET request with a long string of 'A' characters. The overflow causes the iPlanet web server to crash, potentially allowing arbitrary code execution.
Description
Buffer overflow in shared library ndwfn4.so for iPlanet Web Server (iWS) 4.1, when used as a web listener for Oracle application server 4.0.8.2, allows remote attackers to execute arbitrary commands via a long HTTP request that is passed to the application server, such as /jsp/.
Exploits (1)
This exploit demonstrates a buffer overflow in the 'ndwfn4.so' library of Oracle Application Server by sending a crafted HTTP GET request with a long string of 'A' characters. The overflow causes the iPlanet web server to crash, potentially allowing arbitrary code execution.