CVE-2003-0899 Information

Description

Buffer overflow in defang in libhttpd.c for thttpd 2.21 to 2.23b1 allows remote attackers to execute arbitrary code via requests that contain ’’ or ’’ characters which trigger the overflow when the characters are expanded to <\ and >\ sequences.

Reference

http://marc.info/?l=bugtraq&m=106729188224252&w=2 http://secunia.com/advisories/10092 http://www.osvdb.org/2729 http://www.securityfocus.com/bid/8906 http://www.texonet.com/advisories/TEXONET-20030908.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/13530 https://www.debian.org/security/2003/dsa-396