CVE-2002-1816

CRITICAL

Redshift Atphttpd < 0.4b - Buffer Overflow

Title source: rule

Description

Off-by-one buffer overflow in the sock_gets function in sockhelp.c for ATPhttpd 0.4b and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.

Exploits (1)

exploitdb WORKING POC VERIFIED

by thread · cremotelinux

https://www.exploit-db.com/exploits/21936

View Code ZIP pw:eip

References (4)

[Broken Link, Exploit, Vendor Advisory] http://archives.neohapsis.com/archives/bugtraq/2002-10/0187.html

[Broken Link, Vendor Advisory] http://secunia.com/advisories/7293

[Broken Link] http://www.iss.net/security_center/static/10362.php

[Broken Link, Exploit, Patch, Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/5956

Scores

CVSS v3 9.8

EPSS 0.1148

EPSS Percentile 93.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-193

Status published

Products (1)

redshift/atphttpd < 0.4b

Published Dec 31, 2002

Tracked Since Feb 18, 2026