Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2002-0142

EPSS 5.68% · P90
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2002-0142

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
CGI handler in John Roy Pi3Web for Windows 2.0 beta 1 and 2 allows remote attackers to cause a denial of service (crash) via a series of requests whose physical path is exactly 260 characters long and ends in a series of . (dot) characters.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
John Roy Pi3Web超长请求远程缓冲区溢出漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
John Roy Pi3Web是一个免费的、多线程的、高度可定制、可扩展的HTTP服务器,它也提供了对CGI和ISAPI的支持。Pi3Web有Windows、Linux、Solaris下的版本可供使用。 Pi3Web for Windows v2.0 beta1和beta2在处理超长的CGI请求时存在一个缓冲区溢出漏洞,可能使Pi3Web服务器拒绝服务。 当向Pi3Web服务器发送几次带超长(超过260字符长并以一串'.'结束)的CGI文件请求时,服务器程序会因为缓冲区溢出而崩溃。服务器必须重新启动以恢复
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2002-0142

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2002-0142

登录查看更多情报信息。

Same Patch Batch · n/a · 2002-03-15 · 131 CVEs total

CVE-2001-1213DataWizard FtpXQ 缺省特权帐号权限漏洞
CVE-2002-0102Oracle9iAS Web Cache Null字符处理不当导致拒绝服务漏洞
CVE-2002-0101Microsoft Internet Explorer 安全漏洞
CVE-2002-0100AOLServer受口令保护的文件泄露漏洞
CVE-2002-0099Michael Lamont Savant Web服务器超长请求拒绝服务攻击漏洞
CVE-2001-1226AdCycle远程SQL查询修改漏洞。
CVE-2001-1225Hughes Technologies Mini SQL服务拒绝漏洞
CVE-2001-1224Les VanBrunt AdRotate Pro SQL命令注入漏洞
CVE-2001-1223ELSA Lancom 1100 Office不安全web管理漏洞
CVE-2001-1222Plesk Server Administrator 源代码泄露漏洞
CVE-2001-1221D-Link DWL-1000AP 无线局域网访问点'public'口令漏洞
CVE-2001-1220D-Link DWL-1000AP 无线局域网访问点明文密码漏洞
CVE-2001-1219Microsoft Internet Explorer 安全漏洞
CVE-2001-1218Microsoft IE for Solaris X Server拒绝服务漏洞
CVE-2001-1217Oracle 9i应用服务器PL/SQL Apache模块目录遍历漏洞
CVE-2001-1216Oracle 9i应用服务器PL/SQL Apache模块远程缓冲区溢出漏洞
CVE-2001-1214Marcus Xenakis manual.php远程执行任意命令漏洞
CVE-2001-1202DeleGate跨站脚本漏洞
CVE-2001-1198HP-UX rlpdaemon任意创建日志文件漏洞
CVE-2001-1197KDE2 klprfax_filter以不安全的方式创建临时文件漏洞

Showing top 20 of 131 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2002-0142

No comments yet

Leave a comment