CVE-2002-0098

boozt_standard 0.9.8 - Local Buffer Overflow via Long Banner Name Field

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2002-0098. PoCs published by Rafael San Miguel Carrasco.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in Boozt! Standard 0.9.8 CGI by sending a maliciously crafted HTTP POST request with an overly long 'name' parameter, leading to arbitrary code execution via shellcode.

Description

Buffer overflow in index.cgi administration interface for Boozt! Standard 0.9.8 allows local users to execute arbitrary code via a long name field when creating a new banner.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Rafael San Miguel Carrasco · cremotelinux
https://www.exploit-db.com/exploits/21205

This exploit targets a buffer overflow vulnerability in Boozt! Standard 0.9.8 CGI by sending a maliciously crafted HTTP POST request with an overly long 'name' parameter, leading to arbitrary code execution via shellcode.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Boozt! Standard 0.9.8
No auth needed
Prerequisites: Network access to the target CGI interface · Boozt! Standard 0.9.8 running on a Linux host
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Vendor Advisory vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/7790.php
Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid
http://online.securityfocus.com/cgi-bin/vulns-item.pl?section=info&id=3787
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=101027773404836&w=2
Exploit mailing-list x_refsource_bugtraq
http://online.securityfocus.com/archive/1/249219
Various Sources x_refsource_confirm
http://www.boozt.com/news_detail.php?id=3

Scores

EPSS 0.0688
EPSS Percentile 93.2%

Details

Status published
Products (1)
boozt/boozt_standard 0.9.8
Published Mar 25, 2002
Tracked Since Feb 18, 2026