thttpd tdate_parse() Stack Overflow Vulnerability

The thttpd web server (versions 1.90a to 2.04) doesn't do proper bounds checking in the date parsing function tdate_parse().

By overflowing a static buffer in tdate_parse() an attacker could remotely execute commands on the thttpd host with the permissions of thttpd.

The buffer overflow occurs when a HTTP GET request is made with an overlong "If-Modified-Since" header(approx. 1300+) characters.


 

Privacy Statement
Copyright 2010, SecurityFocus