CVE-2002-1930

Description

Buffer overflow in AN HTTPd 1.38 through 1.4.1c allows remote attackers to execute arbitrary code via a SOCKS4 request with a long username.

Affected products

• an / an-httpd1.38 – 1.38
• an / an-httpd1.39 – 1.39
• an / an-httpd1.40 – 1.40
• an / an-httpd1.41 – 1.41
• an / an-httpd1.41b – 1.41b
• an / an-httpd1.41c – 1.41c

References

• MISChttp://archives.neohapsis.com/archives/vulnwatch/2002-q4/0032.html
• MISChttp://www.iss.net/security_center/static/10410.php
• MISChttp://www.securityfocus.com/bid/6012