CVE-2002-1120

Savant Web Server <3.1 - RCE

Title source: llm

Description

Buffer overflow in Savant Web Server 3.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.

Exploits (5)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/16770

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by basher13 · perlremotewindows

https://www.exploit-db.com/exploits/1184

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Jacopo Cervini · perlremotewindows

https://www.exploit-db.com/exploits/4280

View Code ZIP pw:eip

metasploit WORKING POC GREAT

by aushack · rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/savant_31_overflow.rb

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by DouBle_Zer0 · pythonremotewindows

https://www.exploit-db.com/exploits/10434

View Code ZIP pw:eip

References (4)

[Patch, Vendor Advisory] http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0112.html

[Vendor Advisory] http://www.iss.net/security_center/static/10076.php

[Vendor Advisory] http://www.securityfocus.com/bid/5686

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/16770/

Scores

EPSS 0.7304

EPSS Percentile 98.8%

Classification

Status draft

Affected Products (1)

savant/savant_web_server < 3.1

Timeline

Published Sep 24, 2002

Tracked Since Feb 18, 2026