PT-2001-1348 · Omni · Omnihttpd

Published

2001-02-14

Updated

2008-09-05

CVE-2001-0113

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: OmniHTTPd version 2.07

Description: The issue allows remote attackers to execute arbitrary commands. This is achieved by manipulating the mostbrowsers parameter, which is used as part of a generated Perl script.

Recommendations: For OmniHTTPd version 2.07, consider restricting access to the mostbrowsers parameter to minimize the risk of exploitation. As a temporary workaround, avoid using the mostbrowsers parameter in the affected script until the issue is resolved.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2001-0113

Affected Products

Omnihttpd

PT-2001-1348 · Omni · Omnihttpd

CVE-2001-0113

Related Identifiers

Affected Products

References · 4