Null HTTPd Remote Heap Overflow Vulnerability
Null httpd is a small multithreaded web server for Linux and Windows, maintained by NullLogic. A remotely exploitable heap overflow has been discovered in Null httpd. By passing a negative content length value to the server, it is possible to modify the allocation size of the read buffer, resulting in a heap overflow. An attacker may exploit this condition to overwrite arbitrary words in memory through the free() function. This may allow for the execution of arbitrary code. It should be noted that although the issue was reported on v0.5.0, earlier versions are likely vulnerable.
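The class of bug described above comes from trusting a signed Content-Length when sizing a buffer. The following is an added example, not code from Null httpd or from this advisory: it contrasts an unchecked size calculation with a strict parse that rejects negative, malformed and oversized values before any allocation. READ_SLACK, MAX_BODY, the sample value -800 and all function names are hypothetical.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

#define READ_SLACK 1024L            /* hypothetical fixed padding added to the body size */
#define MAX_BODY   (1024L * 1024L)  /* hypothetical policy limit: 1 MiB request body */

/* Unchecked pattern: with this padding, a header value of -800 yields
 * 224 bytes, so the buffer no longer matches what the reader expects. */
long naive_alloc_size(const char *header_value)
{
    return atol(header_value) + READ_SLACK;
}

/* Strict parse: digits only, no sign, no trailing bytes, bounded.
 * Returns 0 and stores the length on success, -1 on rejection. */
int parse_content_length(const char *s, size_t *out)
{
    char *end;
    long v;
    if (s == NULL || *s < '0' || *s > '9')   /* rejects "", "-1", "+1", " 1" */
        return -1;
    errno = 0;
    v = strtol(s, &end, 10);
    if (errno == ERANGE || *end != '\0' || v > MAX_BODY)
        return -1;
    *out = (size_t)v;
    return 0;
}

/* Allocate only after validation; the caller must never read more
 * than *cap bytes into the returned buffer. */
char *alloc_body(const char *header_value, size_t *cap)
{
    size_t len;
    if (parse_content_length(header_value, &len) != 0)
        return NULL;                 /* respond 400 instead of allocating */
    *cap = len + 1;                  /* +1 for a terminating NUL */
    return calloc(*cap, 1);
}

int main(void)
{
    size_t cap = 0;
    char *p = alloc_body("-800", &cap);
    printf("naive: %ld, checked: %s\n", naive_alloc_size("-800"), p ? "allocated" : "rejected");
    free(p);
    return 0;
}
```

The read loop that fills the buffer must also be bounded by the returned capacity, since validating the header alone does not stop a client from sending more bytes than it declared.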