CVE-2002-2428
GoAhead WebServer < 2.1.4 - Denial of Service via Empty POST Body
Title source: llmDescription
webs.c in GoAhead WebServer before 2.1.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an HTTP POST request that contains a Content-Length header but no body data.
References (1)
Core 1
Core References
Various Sources x_refsource_confirm
http://data.goahead.com/Software/Webserver/2.1.8/release.htm#fixed-vulnerability-to-malicious-code-in-webs-c
Scores
EPSS
0.0163
EPSS Percentile
73.6%
Details
CWE
CWE-20
Status
published
Products (5)
goahead/goahead_webserver
2.0
goahead/goahead_webserver
2.1
goahead/goahead_webserver
2.1.1
goahead/goahead_webserver
2.1.2
goahead/goahead_webserver
< 2.1.3
Published
Feb 06, 2009
Tracked Since
Feb 18, 2026