source: https://www.securityfocus.com/bid/8695/info It has been reported that Null HTTPd is prone to a cross-site scripting vulnerability when displaying error pages that may allow an attacker to execute HTML or script code in a user's browser. The issue was previously reported and fixed (BID 5603), however an attacker may send a long HTTP request to the software, which may overwrite memory containing the fix for cross-site scripting issue. As a result, an attacker may bypass the check for cross-site scripting and construct a link containing malicious HTML and script code to be rendered in a user's browser upon visiting that link. Successful exploitation of this issue may allow an attacker to steal cookie-based authentication credentials. Other attacks are also possible. Null HTTPd version 0.5.1 and prior are reported to be prone to this issue. http://www.example.com/ [1799 bytes --needed to avoid XXS] [243 bytes --XXS code] Answer from NULLhttpd: ---- HTTP/1.0 200 OK Cache-Control: no-store Connection: Close Content-Length: 472 Date: Tue, 23 Sep 2003 11:39:30 GMT Expires: Tue, 23 Sep 2003 11:39:30 GMT Last-Modified: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaano-cache Pragma: no-cache Server: Null httpd 0.5.1 Content-Type: text/html xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxx400 Bad Request

400 Bad Request

Can't Parse Request.
Null httpd 0.5.1
----