CVE-2000-1186
published 2001-01-09CVE-2000-1186: Buffer overflow in phf CGI program allows remote attackers to execute arbitrary commands by specifying a large number of arguments and including a long MIME…
PriorityP429high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
3.49%
87.7th percentile
Buffer overflow in phf CGI program allows remote attackers to execute arbitrary commands by specifying a large number of arguments and including a long MIME header.
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
PHF (Linux/x86) - Remote Buffer Overflow
exploitdb·2000-12-01
CVE-2000-1186 PHF (Linux/x86) - Remote Buffer Overflow
PHF (Linux/x86) - Remote Buffer Overflow
---
/*
| phx.c -- phf buffer overflow exploit for Linux-ix86
| Copyright (c) 2000 by proton. All rights reserved.
|
| This program is free software; you can redistribute it and/or modify
| it under the terms of the GNU General Public License as published by
| the Free Software Foundation; either version 2 of the License, or
| (at your option) any later version.
|
| This program is distributed in the hope that it will be useful,
| but WITHOUT ANY WARRANTY; without even the implied warranty of
| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
| GNU General Public License for more details.
*/
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
char tmp[8192];
char *host;
char *progname;
#define ou
Exploit-DB
John Donoghue Knapster 0.9/1.3.8 - File Access
exploitdb·2000-05-13
CVE-2000-0412 John Donoghue Knapster 0.9/1.3.8 - File Access
John Donoghue Knapster 0.9/1.3.8 - File Access
---
source: https://www.securityfocus.com/bid/1186/info
Various open source clones of the Napster software package have a vulnerability by which users may view files on a machine running a vulnerable Napster clone client. The file access is limited to files accessible by the user running the client. The official commercial version of Napster does not contain this vulnerability.
#!/usr/bin/perl
########################################################################
# #
# Gnapster / Knapster "view any file" exploit #
# #
# This script was originally written by no_maam on May the 13th 2000 #
# and modified by Dennis ([email protected]) on May the 14th. #
# #
# It exploits a bug in Gnapster prior to 1.3.9 discovered by #
# Jim Early on May the
No writeups or analysis indexed.
2001-01-09
Published