CVE-2001-0815

ActivePerl < 5.6.1.629 - Remote Code Execution via Long Filename HTTP Request

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2001-0815. PoCs published by Indigo, Sapient2003.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in ActivePerl's perlIIS.dll (CVE-2001-0815) by sending a crafted HTTP request with an overly long URL to trigger remote code execution. The shellcode connects back to an attacker-controlled host and port.

Description

Buffer overflow in PerlIS.dll in Activestate ActivePerl 5.6.1.629 and earlier allows remote attackers to execute arbitrary code via an HTTP request for a long filename that ends in a .pl extension.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Indigo · cremotewindows
https://www.exploit-db.com/exploits/21153

This exploit targets a buffer overflow vulnerability in ActivePerl's perlIIS.dll (CVE-2001-0815) by sending a crafted HTTP request with an overly long URL to trigger remote code execution. The shellcode connects back to an attacker-controlled host and port.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: ActivePerl (builds prior to 630 of ActivePerl 5.6.1)
No auth needed
Prerequisites: Target must have the 'Check that file exists' option disabled in IIS · Attacker must know the target's IP and port · Attacker must have a listener set up on their specified host and port
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Sapient2003 · perlremotemultiple
https://www.exploit-db.com/exploits/21154

This exploit targets a buffer overflow in ActivePerl's perlIIS.dll via an unbounded string copy operation in URL handling. It sends a crafted HTTP GET request with a long string of 'A' characters to trigger the overflow.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: ActivePerl prior to build 630 of ActivePerl 5.6.1
No auth needed
Prerequisites: Target must have 'Check that file exists' option disabled · Target must be running a vulnerable version of ActivePerl
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Indigo · cremotelinux
https://www.exploit-db.com/exploits/21152

This exploit targets a buffer overflow vulnerability in ActivePerl's perlIIS.dll (CVE-2001-0815) by sending a crafted HTTP request with an overly long URL to trigger arbitrary code execution. The shellcode establishes a reverse shell connection to an attacker-controlled host and port.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: ActivePerl (builds prior to 630 of ActivePerl 5.6.1)
No auth needed
Prerequisites: Target must have ActivePerl with perlIIS.dll configured in IIS · The 'Check that file exists' option must be disabled in IIS
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Exploit, Vendor Advisory x_refsource_confirm
http://bugs.activestate.com/show_bug.cgi?id=18062
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/7539
Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/3526
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=100583978302585&w=2
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/678

Scores

EPSS 0.1442
EPSS Percentile 96.2%

Details

Status published
Products (1)
activestate/activeperl < 5.6.1.629
Published Dec 06, 2001
Tracked Since Feb 18, 2026