CVE-2002-1549
published 2003-03-31CVE-2002-1549: Buffer overflow in Light HTTPd (lhttpd) 0.1 allows remote attackers to execute arbitrary code via a long HTTP GET request.
PriorityP343high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
11.17%
95.4th percentile
Buffer overflow in Light HTTPd (lhttpd) 0.1 allows remote attackers to execute arbitrary code via a long HTTP GET request.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| light_httpd | light_httpd | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Light HTTPd 0.1 (Windows) - Remote Buffer Overflow
exploitdb·2013-04-25
CVE-2002-1549 Light HTTPd 0.1 (Windows) - Remote Buffer Overflow
Light HTTPd 0.1 (Windows) - Remote Buffer Overflow
---
import urllib2
from time import sleep
#########################################################################################################################################
# Title************************Windows Light HTTPD v0.1 HTTP GET Buffer Overflow
# Discovered and Reported******24th of April, 2013
# Discovered/Exploited By******Jacob Holcomb/Gimppy042
# Software Vendor**************http://sourceforge.net/projects/lhttpd/?source=navbar
# Exploit/Advisory*************http://infosec42.blogspot.com/
# Software*********************Light HTTPD v0.1
# Tested Platform**************Windows XP Professional SP2
# Date*************************24/04/2013
#
#PS - This is a good piece of software to practice Stack Based Buffer Overflows i
Exploit-DB
Light HTTPd 0.1 - 'GET' Buffer Overflow (2)
exploitdb·2002-11-12
CVE-2002-1549 Light HTTPd 0.1 - 'GET' Buffer Overflow (2)
Light HTTPd 0.1 - 'GET' Buffer Overflow (2)
---
// source: https://www.securityfocus.com/bid/6162/info
Light httpd is prone to a remotely exploitable buffer overflow condition. This overflow can be triggered by sending the server an excessively long GET request. As Light httpd drops user privileges when running, exploitation of this issue may result in the execution of arbitrary attacker-supplied commands with the privileges of the 'nobody' user.
/*
* lhttpd00r.c by uid0x00([email protected])
*LHTTPd 0.1 remote buffer overflow exploit
*
*should work on any win32. just change ret[] to point at a valid "JMP ESP" address.
*
*compile with gcc lhttpd00r.c -o lhttpd00r
*(tested on cygwin (win2k sp3), compiled with gcc 2.95.3-4 and on redhat 7.2 with gcc 2.96)
*
*binds a shell to a desired por
Exploit-DB
Light HTTPd 0.1 - 'GET' Buffer Overflow (1)
exploitdb·2002-11-12
CVE-2002-1549 Light HTTPd 0.1 - 'GET' Buffer Overflow (1)
Light HTTPd 0.1 - 'GET' Buffer Overflow (1)
---
// source: https://www.securityfocus.com/bid/6162/info
Light httpd is prone to a remotely exploitable buffer overflow condition. This overflow can be triggered by sending the server an excessively long GET request. As Light httpd drops user privileges when running, exploitation of this issue may result in the execution of arbitrary attacker-supplied commands with the privileges of the 'nobody' user.
/*
**
** Proof of Concept LIGHT HTTPd Remote exploit
** by Xpl017Elz
** __
** Testing exploit:
**
** bash$ ./0x82-Remote.lhttpdxpl -h 61.37.xx.xx -t 3
**
** Proof of Concept LIGHT HTTPd Remote exploit
** by Xpl017Elz
**
** Try `./0x82-Remote.lhttpdxpl -?' for more information.
**
** [1] Make shellcode.
** [2] Send exploit (bindshell) code.
**
No writeups or analysis indexed.
http://archives.neohapsis.com/archives/bugtraq/2002-11/0138.htmlhttp://www.iss.net/security_center/static/10607.phphttp://www.securityfocus.com/bid/6162http://archives.neohapsis.com/archives/bugtraq/2002-11/0138.htmlhttp://www.iss.net/security_center/static/10607.phphttp://www.securityfocus.com/bid/6162
2003-03-31
Published