CVE-2003-0833

webfs - Stack-based Buffer Overflow via Long Directory Pathname

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2003-0833. PoCs published by jsk.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in WebFS 1.7.x by creating directories with excessively long names via FTP, then triggering the overflow via an HTTP request to execute arbitrary code. It includes shellcode for a bind shell on port 26112.

Description

Stack-based buffer overflow in webfs before 1.20 allows attackers to execute arbitrary code by creating directories that result in a long pathname.

Exploits (1)

exploitdb WORKING POC VERIFIED

by jsk · cremotelinux

https://www.exploit-db.com/exploits/23196

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in WebFS 1.7.x by creating directories with excessively long names via FTP, then triggering the overflow via an HTTP request to execute arbitrary code. It includes shellcode for a bind shell on port 26112.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: WebFS 1.7.x

Auth required

Prerequisites: FTP access to the target system · Ability to create directories on the target system

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Patch, Vendor Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2003/dsa-392

Scores

EPSS 0.0641

EPSS Percentile 92.8%

Details

Status published

Products (4)

webfs/webfs 1.17

webfs/webfs 1.18

webfs/webfs 1.19

webfs/webfs 1.20

Published Nov 17, 2003

Tracked Since Feb 18, 2026