CVE-2001-0820

Gaztek Ghttp - Buffer Overflow

Title source: rule

Description

Buffer overflows in GazTek ghttpd 1.4 allows a remote attacker to execute arbitrary code via long arguments that are passed to (1) the Log function in util.c, or (2) serveconnection in protocol.c.

Exploits (2)

exploitdb WORKING POC VERIFIED

by flea · cremotelinux

https://www.exploit-db.com/exploits/21937

View Code ZIP pw:eip

exploitdb WORKING POC

cremotelinux

https://www.exploit-db.com/exploits/20929

View Code ZIP pw:eip

References (5)

[Mailing List] http://marc.info/?l=bugtraq&m=99279182704674&w=2

[Mailing List] http://marc.info/?l=bugtraq&m=99406263214417&w=2

[Exploit, Vendor Advisory] http://www.securityfocus.com/bid/2879

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/2965

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/6702

Scores

EPSS 0.3129

EPSS Percentile 96.8%

Details

Status published

Products (1)

gaztek/ghttp 1.4

Published Dec 06, 2001

Tracked Since Feb 18, 2026