ID
VAR-201009-0313
TITLE
YOPS Server HTTP Request Remote Overflow Vulnerability
Trust: 0.6
sources:
CNVD: CNVD-2010-1965
DESCRIPTION
YOPS (Your Own Personal [WEB] Server) is a Linux platform HTTP server written in C. The http_parse_request_header function of the YOPS server does not use the boundary check of the buffer received from the HTTP command ((HEAD/GET/POST) as a parameter of the logger variable in the swebs_record_log function. The long request parameter can trigger a buffer overflow. Causes arbitrary code to be executed.
Trust: 0.6
sources:
CNVD: CNVD-2010-1965
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
sources:
CNVD: CNVD-2010-1965
AFFECTED PRODUCTS
| vendor: | yoopss | model: | yops | scope: | eq | version: | 2009 | Trust: 0.6 |
sources:
CNVD: CNVD-2010-1965
PATCH
| title: | YOPS Server HTTP Request to Handle Patch for Remote Overflow Vulnerability | url: | https://www.cnvd.org.cn/patchinfo/show/1002 | Trust: 0.6 |
sources:
CNVD: CNVD-2010-1965
EXTERNAL IDS
| db: | CNVD | id: | CNVD-2010-1965 | Trust: 0.6 |
sources:
CNVD: CNVD-2010-1965
REFERENCES
| url: | http://marc.info/?l=bugtraq&m=128415017107354&w=2 | Trust: 0.6 |
sources:
CNVD: CNVD-2010-1965
SOURCES
| db: | CNVD | id: | CNVD-2010-1965 |
LAST UPDATE DATE
2022-05-04T09:19:21.549000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2010-1965 | date: | 2010-09-13T00:00:00 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2010-1965 | date: | 2010-09-13T00:00:00 |