CVE - CVE-2002-0099

CVE-ID
CVE-2002-0099	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Buffer overflow in Michael Lamont Savant Web Server 3.0 allows remote attackers to cause a denial of service (crash) via a long HTTP request to the cgi-bin directory in which the CGI program name contains a large number of . (dot) characters.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:3788 URL:http://www.securityfocus.com/bid/3788 BUGTRAQ:20020105 Savant Webserver Buffer Overflow Vulnerability URL:http://marc.info/?l=bugtraq&m=101027722904078&w=2 NTBUGTRAQ:20020109 Savant Webserver Buffer Overflow Vulnerability URL:http://marc.info/?l=ntbugtraq&m=101062823305479&w=2 XF:savant-long-parameter-bo(7786) URL:~~http://www.iss.net/security_center/static/7786.php~~ (Obsolete source - check if archived by the Wayback Machine)
Assigning CNA
MITRE Corporation
Date Record Created
20020315	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Modified (20020911)
Votes (Legacy)
ACCEPT(2) Frech, Green NOOP(4) Cole, Foat, Wall, Ziese REVIEWING(1) Christey
Comments (Legacy)
Christey> Should CVE-2002-0099 and/or CVE-2001-0433 be MERGED with CVE-2000-0641? All describe slightly different overflows that, perhaps, should be merged according to CD:SF-LOC. It depends on which versions are affected, which would require some vendor acknowledgement or consultation. A vague changelog for version 3.1 at http://sourceforge.net/project/shownotes.php?release_id=75333 says "security fixes" but it's not clear which security fixes were made. The description for CVE-2000-0641 is slightly incorrect. The exploit is clearly due to a large number of headers, not arguments to the GET request itself. So, CVE-2000-0641 clearly overlaps with CVE-2001-0433. The exploit for CVE-2001-0433 also doesn't really have anything to do with a "cgi-test.pl" program (which isn't in the distribution). The discloser simply used that as an example program of a long request. Christey> Modify description so that overflow is described as being part of the CGI module (so it appears). Also, Tamer Sahin confirmed via email (9/11/02) that the problem was explicitly exhibited using a large number of . (dot) characters.
Proposed (Legacy)
20020315
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)