CVE-2002-2370

SWS Simple Web Server 0.0.3, 0.0.4, 0.1.0 - Denial of Service via Missing URL Newline

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2002-2370. PoCs published by saman.

AI-analyzed exploit summary This exploit sends a malformed HTTP request without a newline character to SWS Simple Web Server v0.1.0, causing a denial of service by breaking the server's request parsing logic. The PoC demonstrates the vulnerability by sending a static string and closing the connection.

Description

SWS web server 0.0.4, 0.0.3 and 0.1.0 allows remote attackers to cause a denial of service (crash) via a URL request that does not end with a newline.

Exploits (1)

exploitdb WORKING POC VERIFIED

by saman · cdoslinux

https://www.exploit-db.com/exploits/21775

View Code ZIP pw:eip

This exploit sends a malformed HTTP request without a newline character to SWS Simple Web Server v0.1.0, causing a denial of service by breaking the server's request parsing logic. The PoC demonstrates the vulnerability by sending a static string and closing the connection.

Classification

Working Poc 100%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: SWS Simple Web Server v0.1.0

No auth needed

Prerequisites: Network access to the target server

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Exploit, Patch vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/5664

Third Party Advisory vdb-entry x_refsource_xf

http://www.iss.net/security_center/static/10005.php

Exploit mailing-list x_refsource_bugtraq

http://archives.neohapsis.com/archives/bugtraq/2002-09/0011.html

Scores

EPSS 0.0317

EPSS Percentile 86.4%

Details

Status published

Products (3)

sws/sws_simple_web_server 0.0.3

sws/sws_simple_web_server 0.0.4

sws/sws_simple_web_server 0.1.0

Published Dec 31, 2002

Tracked Since Feb 18, 2026