CVE-2011-2900 (mongoose, shttpd, yasslews)

Thursday, August 04, 2011

Stack-based buffer overflow in the (1) put_dir function in mongoose.c in Mongoose 3.0, (2) put_dir function in yasslEWS.c in yaSSL Embedded Web Server (yasslEWS) 0.2, and (3) _shttpd_put_dir function in io_dir.c in Simple HTTPD (shttpd) 1.42 allows remote attackers to execute arbitrary code via an HTTP PUT request, as exploited in the wild in 2011.

More details here:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2900

Share This! |

Views:	1842
Categories:	CVE

Post Rating I Like this!

Comments:

Most Liked

Latest Member Comments

"Shifting costs from your capital expense with an operational one, the opportunity to scale along when necessary, as well as the Web-bas..."

Hacker to Release Symantec's PCAnywhere Sour... Jerry Shaw on 10-05-2015

"Fast And Furious 7 Full Movie Online Watch http://www.mastimovie.net/fast-and-furious-7-full-movie-online-watch/ Fast And Furious 7 ..."

PoS Malware Kits Rose in Underground in 2014... on 03-17-2015

"Fast And Furious 7 Full Movie Online Watch http://www.mastimovie.net/fast-and-furious-7-full-movie-online-watch/ Fast And Furious 7 ..."

New PCI Compliance Study... on 03-17-2015

"Fast And Furious 7 Full Movie Online Watch http://www.mastimovie.net/fast-and-furious-7-full-movie-online-watch/ Fast And Furious 7 ..."

PCI Security Standards Council Statement on ... on 03-17-2015