CVE-2002-2428

GoAhead WebServer < 2.1.4 - Denial of Service via Empty POST Body

Title source: llm
STIX 2.1

Description

webs.c in GoAhead WebServer before 2.1.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an HTTP POST request that contains a Content-Length header but no body data.

References (1)

Core 1

Scores

EPSS 0.0163
EPSS Percentile 73.6%

Details

CWE
CWE-20
Status published
Products (5)
goahead/goahead_webserver 2.0
goahead/goahead_webserver 2.1
goahead/goahead_webserver 2.1.1
goahead/goahead_webserver 2.1.2
goahead/goahead_webserver < 2.1.3
Published Feb 06, 2009
Tracked Since Feb 18, 2026