ID CVE-2002-1166
Summary Buffer overflow in John Franks WN Server 1.18.2 through 2.0.0 allows remote attackers to execute arbitrary code via a long GET request.
References
Vulnerable Configurations
  • cpe:2.3:a:john_franks:wn_server:1.18.2
    cpe:2.3:a:john_franks:wn_server:1.18.2
  • cpe:2.3:a:john_franks:wn_server:1.18.3
    cpe:2.3:a:john_franks:wn_server:1.18.3
  • cpe:2.3:a:john_franks:wn_server:1.18.4
    cpe:2.3:a:john_franks:wn_server:1.18.4
  • cpe:2.3:a:john_franks:wn_server:1.18.5
    cpe:2.3:a:john_franks:wn_server:1.18.5
  • cpe:2.3:a:john_franks:wn_server:1.18.6
    cpe:2.3:a:john_franks:wn_server:1.18.6
  • cpe:2.3:a:john_franks:wn_server:1.18.7
    cpe:2.3:a:john_franks:wn_server:1.18.7
  • cpe:2.3:a:john_franks:wn_server:1.19.0
    cpe:2.3:a:john_franks:wn_server:1.19.0
  • cpe:2.3:a:john_franks:wn_server:1.19.1
    cpe:2.3:a:john_franks:wn_server:1.19.1
  • cpe:2.3:a:john_franks:wn_server:1.19.2
    cpe:2.3:a:john_franks:wn_server:1.19.2
  • cpe:2.3:a:john_franks:wn_server:1.19.3
    cpe:2.3:a:john_franks:wn_server:1.19.3
  • cpe:2.3:a:john_franks:wn_server:1.19.4
    cpe:2.3:a:john_franks:wn_server:1.19.4
  • cpe:2.3:a:john_franks:wn_server:1.19.5
    cpe:2.3:a:john_franks:wn_server:1.19.5
  • cpe:2.3:a:john_franks:wn_server:1.19.6
    cpe:2.3:a:john_franks:wn_server:1.19.6
  • cpe:2.3:a:john_franks:wn_server:1.19.7
    cpe:2.3:a:john_franks:wn_server:1.19.7
  • cpe:2.3:a:john_franks:wn_server:1.19.8
    cpe:2.3:a:john_franks:wn_server:1.19.8
  • cpe:2.3:a:john_franks:wn_server:1.19.9
    cpe:2.3:a:john_franks:wn_server:1.19.9
  • cpe:2.3:a:john_franks:wn_server:2.0.0
    cpe:2.3:a:john_franks:wn_server:2.0.0
CVSS
Base: 7.5 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
NASL family Web Servers
NASL id WWW_TOO_LONG_URL.NASL
description The remote web server crashes when it receives a too long URL. It might be possible to make it execute arbitrary code through this flaw.
last seen 2019-02-21
modified 2018-08-07
plugin id 10320
published 1999-06-22
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=10320
title Web Server Long URL Handling Remote Overflow DoS
refmap via4
bid 5831
bugtraq 20020930 iDEFENSE Security Advisory 09.30.2002: Buffer Overflow in WN Server
osvdb 9836
vulnwatch 20020930 iDEFENSE Security Advisory 09.30.2002: Buffer Overflow in WN Server
xf wn-server-get-bo(10223)
Last major update 17-10-2016 - 22:24
Published 11-10-2002 - 00:00
Back to Top