CVE-2000-0359 - Buffer overflow in Trivial HTTP (THTTPd) allows remote attackers to cause a denial of service or exe

CVE-2000-0359

Summary

Buffer overflow in Trivial HTTP (THTTPd) allows remote attackers to cause a denial of service or execute arbitrary commands via a long If-Modified-Since header.

References

Vulnerable Configurations

cpe:2.3:a:acme_labs:thttpd:1.90a:*:*:*:*:*:*:*
cpe:2.3:a:acme_labs:thttpd:1.90a:*:*:*:*:*:*:*
cpe:2.3:a:acme_labs:thttpd:1.95:*:*:*:*:*:*:*
cpe:2.3:a:acme_labs:thttpd:1.95:*:*:*:*:*:*:*
cpe:2.3:a:acme_labs:thttpd:2.0:*:*:*:*:*:*:*
cpe:2.3:a:acme_labs:thttpd:2.0:*:*:*:*:*:*:*
cpe:2.3:a:acme_labs:thttpd:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:acme_labs:thttpd:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:acme_labs:thttpd:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:acme_labs:thttpd:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:acme_labs:thttpd:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:acme_labs:thttpd:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:acme_labs:thttpd:2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:acme_labs:thttpd:2.0.4:*:*:*:*:*:*:*

CVSS

Base:	10.0 (as of 10-09-2008 - 19:04)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:N/C:C/I:C/A:C

refmap via4

bid	1248
bugtraq	19991113 thttpd 2.04 stack overflow (VD#6)
suse	19991116 Security hole in thttpd 1.90a - 2.04
xf	thttpd-ifmodifiedsince-header-dos

Last major update

10-09-2008 - 19:04

Published

20-10-2000 - 04:00

Last modified

10-09-2008 - 19:04