CVE-2002-1496

Null HTTP Server <0.5.0 - Buffer Overflow

Title source: llm

Description

Heap-based buffer overflow in Null HTTP Server 0.5.0 and earlier allows remote attackers to execute arbitrary code via a negative value in the Content-Length HTTP header.

Exploits (1)

exploitdb WORKING POC VERIFIED

by eSDee · cremotelinux

https://www.exploit-db.com/exploits/21818

View Code ZIP pw:eip

References (4)

[Patch, Vendor Advisory] http://www.iss.net/security_center/static/10160.php

[Exploit, Patch, Vendor Advisory] http://www.securityfocus.com/bid/5774

[Third Party Advisory] http://archives.neohapsis.com/archives/bugtraq/2002-09/0284.html

[Release Notes] http://freshmeat.net/releases/97910/

Scores

EPSS 0.1452

EPSS Percentile 94.5%

Details

Status published

Products (1)

nulllogic/null_httpd < 0.5.0

Published Apr 02, 2003

Tracked Since Feb 18, 2026