mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-15 03:30:24 +02:00
0xMarcio
894 B
894 B
CVE-2007-4727
Description
Buffer overflow in the fcgi_env_add function in mod_proxy_backend_fastcgi.c in the mod_fastcgi extension in lighttpd before 1.4.18 allows remote attackers to overwrite arbitrary CGI variables and execute arbitrary code via an HTTP request with a long content length, as demonstrated by overwriting the SCRIPT_FILENAME variable, aka a "header overflow."
POC
Reference
- http://securityreason.com/securityalert/3127
- http://www.novell.com/linux/security/advisories/2007_20_sr.html
Github
No PoCs found on GitHub currently.