Vulnerability in N/a

CVE-2006-5216

Stack-based buffer overflow in Sergey Lyubka Simple HTTPD (shttpd) 1.34 allows remote attackers to execute arbitrary code via a long URI.

EPSS: 0.818 (99.2th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

rapid7/metasploit-framework

References

20061018 shttpd long get request vuln ( retro ) (mailing-list, x_refsource_FULLDISC)
2482 (exploit, x_refsource_EXPLOIT-DB)
22294 (x_refsource_SECUNIA, third-party-advisory)
simplehttpd-post-bo(29368) (vdb-entry, x_refsource_XF)
exploitlabs.com/files/advisories/EXPL-A-2006-005-shttpd.txt (x_refsource_MISC)
1017088 (vdb-entry, x_refsource_SECTRACK)
ADV-2006-3939 (vdb-entry, x_refsource_VUPEN)
20393 (vdb-entry, x_refsource_BID)

Frequently asked questions

What is CVE-2006-5216?: CVE-2006-5216 is a vulnerability in N/a. Published 2006-10-09.
Is CVE-2006-5216 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.