CVE-2001-0460

Websweeper 4.0 - Denial of Service via Large HTTP Referrer Header

Exploitation Summary

EIP tracks 1 public exploit for CVE-2001-0460. PoCs published by honoriak.

AI-analyzed exploit summary: This exploit sends an unusually long HTTP GET request to Baltimore Technology WEBsweeper, causing a denial of service by consuming all available memory on the target server. It establishes multiple connections and sends the malicious request in parallel.

Description

Websweeper 4.0 does not limit the length of certain HTTP headers, which allows remote attackers to cause a denial of service (memory exhaustion) via an extremely large HTTP Referrer: header.

Exploits (1)

exploitdb WORKING POC VERIFIED
by honoriak · cdoswindows
https://www.exploit-db.com/exploits/20681

Classification: Working PoC 95%
Attack Type: DoS
Complexity: Trivial
Reliability: Reliable
Target: Baltimore Technology WEBsweeper
No auth needed
Prerequisites: Network access to the target server · Target server running Baltimore Technology WEBsweeper
devstral-2 · analyzed Feb 16, 2026

References (2)

Core References
Exploit, Patch, Vendor Advisory mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/167406
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/6214

Scores

EPSS 0.0527
EPSS Percentile 91.5%

Details

Status published
Products (1)
baltimore_technologies/websweeper 4.0
Published Jun 27, 2001
Tracked Since Feb 18, 2026