CVE-2000-0002
Published 1999-12-22
CVE-2000-0002: Buffer overflow in ZBServer Pro 1.50 allows remote attackers to execute commands via a long GET request.
Priority: P3 42
Severity: critical
CVSS 2.0: 10
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
EXPLOIT
EPSS: 13.88% (96.1th percentile)
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| zbsoft | zbserver | — | — |
No detection rules found.
Exploit-DB
ZBServer Pro 1.5 - Remote Buffer Overflow (1)
exploitdb·1999-12-23
---
source: https://www.securityfocus.com/bid/889/info
ZBSoft ZBServer Pro is an Internet and Intranet server that supports HTTP, Gopher, FTP and Chat Services. ZBServer is available for Microsoft Windows operating systems.
ZBServer Pro 1.5 has an unchecked buffer in the code that handles GET requests. This weakness allows for the execution of arbitrary code.
USSR exploit:
Binary exploit - 19688.exe
Source code - 19688.zip
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/19688.exe
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/19688.zip
Exploit-DB
ZBServer Pro 1.5 - Remote Buffer Overflow (2)
exploitdb·1999-12-23
---
// source: https://www.securityfocus.com/bid/889/info
ZBSoft ZBServer Pro is an Internet and Intranet server that supports HTTP, Gopher, FTP and Chat Services. ZBServer is available for Microsoft Windows operating systems.
ZBServer Pro 1.5 has an unchecked buffer in the code that handles GET requests. This weakness allows for the execution of arbitrary code.
/** slzbserv.c - local/remote exploit for ZBServer PRO 1.50-r1x (WinNT)
**
** ZBServer PRO 1.50-r1x exploit gets remote server's full control.
** When you attack a vulnerable server you can run arbitrary code
** inside. Firstly, sploit creates an advisory file. It's information
** for administrative use. Later, exploit restores and kills
** overflowed thread but before it patches s
No writeups or analysis indexed.
http://marc.info/?l=bugtraq&m=94598388530358&w=2
http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind9912&L=NTBUGTRAQ&P=R3556
http://www.securityfocus.com/bid/889
http://www.securityfocus.com/templates/archive.pike?list=1&msg=36B0596E.8D111D66%40teleline.es
Published: 1999-12-22