CVE-2002-1496

Null HTTP Server <0.5.0 - Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2002-1496. PoCs published by eSDee.

AI-analyzed exploit summary This exploit targets a heap overflow vulnerability in Null httpd 0.5.0 by sending a negative Content-Length value, allowing arbitrary code execution. It includes shellcode to spawn a reverse shell on port 30464.

Description

Heap-based buffer overflow in Null HTTP Server 0.5.0 and earlier allows remote attackers to execute arbitrary code via a negative value in the Content-Length HTTP header.

Exploits (1)

exploitdb WORKING POC VERIFIED

by eSDee · cremotelinux

https://www.exploit-db.com/exploits/21818

View Code ZIP pw:eip

This exploit targets a heap overflow vulnerability in Null httpd 0.5.0 by sending a negative Content-Length value, allowing arbitrary code execution. It includes shellcode to spawn a reverse shell on port 30464.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Null httpd 0.5.0

No auth needed

Prerequisites: Network access to the target server · Null httpd 0.5.0 running on the target

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Core References

Patch, Vendor Advisory vdb-entry x_refsource_xf

http://www.iss.net/security_center/static/10160.php

Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/5774

Third Party Advisory mailing-list x_refsource_bugtraq

http://archives.neohapsis.com/archives/bugtraq/2002-09/0284.html

Release Notes x_refsource_confirm

http://freshmeat.net/releases/97910/

Scores

EPSS 0.2253

EPSS Percentile 97.4%

Details

Status published

Products (1)

nulllogic/null_httpd < 0.5.0

Published Apr 02, 2003

Tracked Since Feb 18, 2026