CVE-2002-1904

Gaztek Ghttpd - Buffer Overflow

Title source: rule

Description

Buffer overflow in the Log function in util.c in GazTek ghttpd 1.4 through 1.4.3 allows remote attackers to execute arbitrary code via a long HTTP GET request.

Exploits (1)

exploitdb WORKING POC VERIFIED

by qitest1 · cremotelinux

https://www.exploit-db.com/exploits/20929

View Code ZIP pw:eip

References (4)

[Exploit, Patch] http://www.securityfocus.com/bid/5960

[Third Party Advisory] http://www.iss.net/security_center/static/10361.php

[Third Party Advisory, VDB Entry] http://online.securityfocus.com/archive/1/295141

[Patch] http://lynorics.sundawn.net/prog/ghttpd.html#versionen

Scores

EPSS 0.1519

EPSS Percentile 94.6%

Details

Status published

Products (4)

gaztek/ghttpd 1.4

gaztek/ghttpd 1.4.1

gaztek/ghttpd 1.4.2

gaztek/ghttpd 1.4.3

Published Dec 31, 2002

Tracked Since Feb 18, 2026