CVE-2011-2900: CVE-2011-2900

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2011-2900

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Stack-based buffer overflow in the (1) put_dir function in mongoose.c in Mongoose 3.0, (2) put_dir function in yasslEWS.c in yaSSL Embedded Web Server (yasslEWS) 0.2, and (3) _shttpd_put_dir function in io_dir.c in Simple HTTPD (shttpd) 1.42 allows remote attackers to execute arbitrary code via an HTTP PUT request, as exploited in the wild in 2011.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Valenok Mongoose HTTP PUT请求处理漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Mongoose是MongoDB的一个对象模型工具，可以工作于异步环境下。 Mongoose 3.0及其他版本在处理HTTP PUT web请求时，“put_dir()”函数（mongoose.c）中的错误导致存在拒绝服务漏洞。远程攻击者可利用此漏洞导致断言错误或栈缓冲区溢出。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2011-2900

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2011-2900

Please Login to view more intelligence information

https://code.google.com/p/mongoose/source/detail?r=556f4de91eae4bac40dc5d4ddbd9ec7c424711d0x_refsource_CONFIRM
http://securityreason.com/securityalert/8337third-party-advisoryx_refsource_SREASON
http://secunia.com/advisories/45902third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/48980vdb-entryx_refsource_BID
http://secunia.com/advisories/45464third-party-advisoryx_refsource_SECUNIA
http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065505.htmlvendor-advisoryx_refsource_FEDORA
http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065273.htmlvendor-advisoryx_refsource_FEDORA
https://exchange.xforce.ibmcloud.com/vulnerabilities/68991vdb-entryx_refsource_XF
http://www.openwall.com/lists/oss-security/2011/08/03/9mailing-listx_refsource_MLIST
https://nvd.nist.gov/vuln/detail/CVE-2011-2900

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2011-2900

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2011-2900

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2011-2900

III. Intelligence Information for CVE-2011-2900

IV. Related Vulnerabilities

V. Comments for CVE-2011-2900

Leave a comment