Description
Buffer overflow in the Embedded HTTP server, as used in (1) D-Link DI-804 4.68, Dl-704 V2.56b6, and Dl-704 V2.56b5 and (2) Linksys Etherfast BEFW11S4 Wireless AP + Cable/DSL Router 1.37.2 through 1.42.7 and Linksys WAP11 1.3 and 1.4, allows remote attackers to cause a denial of service (crash) via a long header, as demonstrated using the Host header.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Mark Litchfield · textdoshardware
https://www.exploit-db.com/exploits/21978
References (3)
Core 3
Core References
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/6090
Third Party Advisory vdb-entry
x_refsource_xf
http://www.iss.net/security_center/static/10537.php
Exploit, Vendor Advisory mailing-list
x_refsource_vulnwatch
http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0052.html
Scores
EPSS
0.0570
EPSS Percentile
90.4%
Details
Status
published
Products (11)
d-link/di-804
4.68
d-link/dl-704
2.56_b5
d-link/dl-704
2.56_b6
linksys/befw11s4
1.4.2.7
linksys/befw11s4
1.37.2
linksys/befw11s4
1.37.2b
linksys/befw11s4
1.37.9b
linksys/befw11s4
1.40.3
linksys/befw11s4
1.42.7
linksys/wap11
1.3
... and 1 more
Published
Dec 31, 2002
Tracked Since
Feb 18, 2026