Heap overflow

Heap-based Buffer Overflow in the dedotdot function in libhttpd.c in sthttpd before 2.27.1 allows remote attackers to cause a denial of service daemon crash or possibly have unspecified other impact via a crafted filename...

CVE-2017-10671

CVE-2017-10671 affects sthttpd up to version 2.27.1. Heap-based Buffer Overflow occurs in the de_dotdot function in libhttpd.c, allowing remote attackers to cause a denial of service (daemon crash) and potentially other impact via a crafted filename. Upstream fixes are in 2.27.1 (as noted by Arch...

CVE-2003-0899

Buffer overflow in defang in libhttpd.c for thttpd 2.21 to 2.23b1 allows remote attackers to execute arbitrary code via requests that contain '' characters, which trigger the overflow when the characters are expanded to "" and "" sequences...

CVE-2003-0899

CVE-2003-0899 describes a buffer overflow in thttpd (defang in libhttpd.c) affecting versions 2.21 to 2.23b1. The overflow can be triggered by requests containing ‘’ that are expanded to “”, enabling remote code execution. Connected sources (SUSE, Debian, OpenVAS, and NVD listing) confirm the vul...

PT-2003-1946 · Thttpd · Thttpd

Name of the Vulnerable Software and Affected Versions: thttpd versions 2.21 through 2.23b1 Description: A buffer overflow issue exists in the defang function within libhttpd.c, allowing remote attackers to execute arbitrary code. This occurs when requests containing '' characters are processed,...

thttpd 2.2x - defang Remote Buffer Overflow (PoC)

thttpd 2.2x - defang Remote Buffer Overflow PoC / source: https://www.securityfocus.com/bid/8906/info A vulnerability has been reported in thttpd that may allow a remote attacker to execute arbitrary code on vulnerable host. The issue is reported to exist due to a lack of bounds checking by...