source: http://www.securityfocus.com/bid/13549/info Orenosv HTTP/FTP server is prone to a remote buffer overflow vulnerability that affects 'cgissi.exe'. This issue presents itself when the application handles excessive values supplied through an SSI command name. A successful attack can result in memory corruption and can be leveraged to cause a denial of service condition or arbitrary code execution. Arbitrary code execution can result in a remote compromise in the context of the server. Orenosv HTTP/FTP Server 0.8.1 is reportedly vulnerable, however, other versions may be affected as well. <!--#aaaaa... --> Approx. 120 bytes of aaaaaa...
Related ExploitsTrying to match CVEs (1): CVE-2005-1666
Trying to match OSVDBs (1): 16166
Other Possible E-DB Search Terms: Orenosv HTTP/FTP Server 0.8.1, Orenosv HTTP
|2004-05-25||Orenosv HTTP/FTP Server 0.5.9 - GET Denial of Service (1)||badpack3t|
|2004-06-02||Orenosv HTTP/FTP Server 0.5.9 - GET Denial of Service (2)||CoolICE|
|2004-06-02||Orenosv HTTP/FTP Server 0.5.9 - GET Denial of Service (3)||CoolICE|
|2008-05-08||Orenosv HTTP/FTP Server 0.8.1 - FTP Commands Remote Buffer Overflow||Samsta|