CVE-ID

CVE-2002-0099

• CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Buffer overflow in Michael Lamont Savant Web Server 3.0 allows remote attackers to cause a denial of service (crash) via a long HTTP request to the cgi-bin directory in which the CGI program name contains a large number of . (dot) characters.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
Assigning CNA
MITRE Corporation
Date Record Created
20020315 Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Modified (20020911)
Votes (Legacy)
ACCEPT(2) Frech, Green
NOOP(4) Cole, Foat, Wall, Ziese
REVIEWING(1) Christey
Comments (Legacy)
 Christey> Should CVE-2002-0099 and/or CVE-2001-0433 be MERGED with
   CVE-2000-0641?  All describe slightly different overflows
   that, perhaps, should be merged according to CD:SF-LOC.
   It depends on which versions are affected, which would require
   some vendor acknowledgement or consultation.
   
   A vague changelog for version 3.1 at
   http://sourceforge.net/project/shownotes.php?release_id=75333 says
   "security fixes" but it's not clear *which* security fixes
   were made.
   
   The description for CVE-2000-0641 is slightly incorrect.  The
   exploit is clearly due to a large number of headers, not
   arguments to the GET request itself.  So, CVE-2000-0641
   clearly overlaps with CVE-2001-0433.
   
   The exploit for CVE-2001-0433 also doesn't really have
   anything to do with a "cgi-test.pl" program (which isn't in
   the distribution).  The discloser simply used that as an
   example program of a long request.
 Christey> Modify description so that overflow is described as being
   part of the CGI module (so it appears).
   
   Also, Tamer Sahin confirmed via email (9/11/02) that the
   problem was explicitly exhibited using a large number of
   . (dot) characters.

Proposed (Legacy)
20020315
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.