CVE-2001-1457

Name of the Vulnerable Software and Affected Versions CrazyWWWBoard versions 2000p4 and 2000LEp5

Description The issue allows remote attackers to execute arbitrary code via a long HTTP USER AGENT CGI environment variable. This is a result of a buffer overflow.

Recommendations For CrazyWWWBoard version 2000p4, update or patch the software to fix the buffer overflow issue. For CrazyWWWBoard version 2000LEp5, update or patch the software to fix the buffer overflow issue. As a temporary workaround, consider restricting the length of the HTTP USER AGENT variable to prevent exploitation.