CVE-2001-0476

Swsoft Aspseek < 1.0.3 - Buffer Overflow

Title source: rule

Description

Multiple buffer overflows in s.cgi program in Aspseek search engine 1.03 and earlier allow remote attackers to execute arbitrary commands via (1) a long HTTP query string, or (2) a long tmpl parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by teleh0r · perlremotecgi

https://www.exploit-db.com/exploits/20689

View Code ZIP pw:eip

References (4)

[Exploit, Vendor Advisory] http://archives.neohapsis.com/archives/bugtraq/2001-03/0233.html

[Exploit, Vendor Advisory] http://www.securityfocus.com/bid/2492

[Patch] http://www.aspseek.org/changes.html

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/6248

Scores

EPSS 0.0530

EPSS Percentile 90.1%

Details

Status published

Products (2)

swsoft/aspseek 1.0

swsoft/aspseek < 1.0.3

Published Jun 27, 2001

Tracked Since Feb 18, 2026