Pserv 2.0 - HTTP Version Specifier Buffer Overflow

EDB-ID:

22056




Platform:

Linux

Date:

2002-11-30


source: https://www.securityfocus.com/bid/6285/info

A buffer overflow vulnerability has been reported in Pserv. The buffer overflow condition is due to the way Pserv handles data streams from remote connections. 

An attacker can exploit this vulnerability by issuing a HTTP request with an invalid HTTP version specifier. Due to insufficient buffers being allocated when processing the data, it may be possible to corrupt sensitive memory on the system stack.

GET / HTTP/1.[buffer]