CVE-2003-1228

Mathopd < 1.5 - Buffer Overflow

Title source: rule

Description

Buffer overflow in the prepare_reply function in request.c for Mathopd 1.2 through 1.5b13, and possibly earlier versions, allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via an HTTP request with a long path.

Exploits (1)

exploitdb WORKING POC VERIFIED

by aion · cremotelinux

https://www.exploit-db.com/exploits/23811

View Code ZIP pw:eip

References (6)

[Issue Tracking, Mailing List, Third Party Advisory] http://marc.info/?l=bugtraq&m=107090601705839&w=2

[Exploit, Third Party Advisory] http://www.securiteam.com/unixfocus/5FP0C1FCAW.html

[Third Party Advisory] http://secunia.com/advisories/10385/

[Issue Tracking, Mailing List, Third Party Advisory] http://marc.info/?l=bugtraq&m=107064887507504&w=2

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/9871

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/15474

Scores

EPSS 0.0945

EPSS Percentile 92.8%

Details

CWE

CWE-120

Status published

Products (2)

mathopd/mathopd 1.5 (2 CPE variants)

mathopd/mathopd 1.2 - 1.5

Published Dec 31, 2003

Tracked Since Feb 18, 2026