ID CVE-2004-2299
Summary Buffer overflow in Omnicron OmniHTTPd 3.0a and earlier allows remote attackers to execute arbitrary code via an HTTP GET request with a long Range header.
References
Vulnerable Configurations
  • cpe:2.3:a:omnicron:omnihttpd:1.1
    cpe:2.3:a:omnicron:omnihttpd:1.1
  • cpe:2.3:a:omnicron:omnihttpd:2.0.4
    cpe:2.3:a:omnicron:omnihttpd:2.0.4
  • cpe:2.3:a:omnicron:omnihttpd:2.0.5
    cpe:2.3:a:omnicron:omnihttpd:2.0.5
  • cpe:2.3:a:omnicron:omnihttpd:2.0.6
    cpe:2.3:a:omnicron:omnihttpd:2.0.6
  • cpe:2.3:a:omnicron:omnihttpd:2.0.7
    cpe:2.3:a:omnicron:omnihttpd:2.0.7
  • cpe:2.3:a:omnicron:omnihttpd:2.0.8
    cpe:2.3:a:omnicron:omnihttpd:2.0.8
  • cpe:2.3:a:omnicron:omnihttpd:2.0_9
    cpe:2.3:a:omnicron:omnihttpd:2.0_9
  • cpe:2.3:a:omnicron:omnihttpd:2.0_alpha_1
    cpe:2.3:a:omnicron:omnihttpd:2.0_alpha_1
  • cpe:2.3:a:omnicron:omnihttpd:2.0_alpha_2
    cpe:2.3:a:omnicron:omnihttpd:2.0_alpha_2
  • cpe:2.3:a:omnicron:omnihttpd:2.10
    cpe:2.3:a:omnicron:omnihttpd:2.10
  • cpe:2.3:a:omnicron:omnihttpd:2.4_pro
    cpe:2.3:a:omnicron:omnihttpd:2.4_pro
  • cpe:2.3:a:omnicron:omnihttpd:3.0a
    cpe:2.3:a:omnicron:omnihttpd:3.0a
CVSS
Base: 7.5 (as of 08-08-2005 - 08:57)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
exploit-db via4
description Omnicron OmniHTTPD 2.x/3.0 Get Request Buffer Overflow Vulnerability. CVE-2004-2299. Remote exploit for windows platform
id EDB-ID:24129
last seen 2016-02-02
modified 2004-04-23
published 2004-04-23
reporter CoolICE
source https://www.exploit-db.com/download/24129/
title Omnicron OmniHTTPD 2.x/3.0 Get Request Buffer Overflow Vulnerability
nessus via4
NASL family Web Servers
NASL id WWW_TOO_LONG_URL.NASL
description The remote web server crashes when it receives a too long URL. It might be possible to make it execute arbitrary code through this flaw.
last seen 2019-01-16
modified 2018-08-07
plugin id 10320
published 1999-06-22
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=10320
title Web Server Long URL Handling Remote Overflow DoS
refmap via4
bid 10376
bugtraq 20040518 Overflow@OmniHTTPd
osvdb 12944
xf omnithttpd-range-header-bo(16190)
Last major update 08-09-2013 - 00:31
Published 31-12-2004 - 00:00
Last modified 10-07-2017 - 21:31
Back to Top