Ultra Mini HTTPD 'GET' Request Stack-Based Buffer Overflow Vulnerability

Ultra Mini HTTPD is prone to a remote stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.

An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the server. Failed exploit attempts will result in a denial-of-service condition.

Ultra Mini HTTPD 1.21 is vulnerable; other versions may also be affected.


Privacy Statement
Copyright 2010, SecurityFocus