← back
CVE-2009-3663

CVE-2009-3663

EPSS 14.6%
Format string vulnerability in the h_readrequest function in http.c in httpdx Web Server 1.4 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via format string specifiers in the Host header.
Affected products
n/a · n/a
public PoCs found2
cve_referencewww.exploit-db.com/exploits/9657unverifiedexploitdbwww.exploit-db.com/exploits/9657unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://httpdx.sourceforge.net/downloads/changelog.loghttp://osvdb.org/58129http://secunia.com/advisories/36734https://exchange.xforce.ibmcloud.com/vulnerabilities/53205http://www.exploit-db.com/exploits/9657http://www.vupen.com/english/advisories/2009/2654