Summary
Detail | |||
---|---|---|---|
Vendor | Valenok | First view | 2011-08-05 |
Product | Mongoose | Last view | 2011-08-05 |
Version | Type | ||
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
CPE Name | Affected CVE |
---|---|
cpe:2.3:a:valenok:mongoose:3.0:*:*:*:*:*:*:* | 1 |
Related : CVE
Date | Alert | Description | |
---|---|---|---|
7.5 | 2011-08-05 | CVE-2011-2900 | Stack-based buffer overflow in the (1) put_dir function in mongoose.c in Mongoose 3.0, (2) put_dir function in yasslEWS.c in yaSSL Embedded Web Server (yasslEWS) 0.2, and (3) _shttpd_put_dir function in io_dir.c in Simple HTTPD (shttpd) 1.42 allows remote attackers to execute arbitrary code via an HTTP PUT request, as exploited in the wild in 2011. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
100% (1) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
74309 | Mongoose mongoose.c put_dir() Function HTTP PUT Web Request Parsing Overflow |
ExploitDB Exploits
id | Description |
---|---|
17669 | Simple HTTPd 1.42 PUT Request Remote Buffer Overflow Vulnerability |
OpenVAS Exploits
id | Description |
---|---|
2012-04-02 | Name : Fedora Update for mongoose FEDORA-2011-11636 File : nvt/gb_fedora_2011_11636_mongoose_fc16.nasl |
2011-09-12 | Name : Fedora Update for mongoose FEDORA-2011-11823 File : nvt/gb_fedora_2011_11823_mongoose_fc15.nasl |
2011-09-12 | Name : Fedora Update for mongoose FEDORA-2011-11825 File : nvt/gb_fedora_2011_11825_mongoose_fc14.nasl |
2011-09-07 | Name : Mongoose Web Server Remote Buffer Overflow Vulnerability File : nvt/gb_mongoose_server_put_req_bof_vuln.nasl |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2011-09-09 | Name: The remote Fedora host is missing a security update. File: fedora_2011-11823.nasl - Type: ACT_GATHER_INFO |
2011-09-09 | Name: The remote Fedora host is missing a security update. File: fedora_2011-11825.nasl - Type: ACT_GATHER_INFO |
2011-09-07 | Name: The remote Fedora host is missing a security update. File: fedora_2011-11636.nasl - Type: ACT_GATHER_INFO |