PT-2001-1989 · Gaztek · Gaztek Ghttpd

Published

2001-11-22

Updated

2017-12-19

CVE-2001-0820

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions GazTek ghttpd version 1.4

Description The issue allows a remote attacker to execute arbitrary code via long arguments passed to certain functions. Specifically, buffer overflows can occur in the Log function in util.c or the serveconnection function in protocol.c.

Recommendations For GazTek ghttpd version 1.4, consider disabling the Log function in util.c and the serveconnection function in protocol.c until a patch is available to prevent exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2001-0820

Affected Products

Gaztek Ghttpd

PT-2001-1989 · Gaztek · Gaztek Ghttpd

CVE-2001-0820

Related Identifiers

Affected Products

References · 8