CVE-2001-0949

N/A Unknown

Published: December 04, 2001 Modified: April 16, 2026

Description

Buffer overflows in forms.exe CGI program in ValiCert Enterprise Validation Authority (EVA) Administration Server 3.3 through 4.2.1 allows remote attackers to execute arbitrary code via long arguments to the parameters (1) Mode, (2) Certificate_File, (3) useExpiredCRLs, (4) listenLength, (5) maxThread, (6) maxConnPerSite, (7) maxMsgLen, (8) exitTime, (9) blockTime, (10) nextUpdatePeriod, (11) buildLocal, (12) maxOCSPValidityPeriod, (13) extension, and (14) a particular combination of parameters associated with private key generation that form a string of a certain length.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://marc.info/?l=bugtraq&m=100749428517090&w=2

Source: cve@mitre.org

http://www.securityfocus.com/bid/3621

Source: cve@mitre.org

Patch Vendor Advisory

http://www.securityfocus.com/bid/3622

Source: cve@mitre.org

http://www.securityfocus.com/bid/3624

Source: cve@mitre.org

http://www.securityfocus.com/bid/3625

Source: cve@mitre.org

http://www.securityfocus.com/bid/3627

Source: cve@mitre.org

http://www.securityfocus.com/bid/3628

Source: cve@mitre.org

http://www.securityfocus.com/bid/3629

Source: cve@mitre.org

http://www.securityfocus.com/bid/3630

Source: cve@mitre.org

http://www.securityfocus.com/bid/3631

Source: cve@mitre.org

http://www.securityfocus.com/bid/3632

Source: cve@mitre.org

http://www.securityfocus.com/bid/3633

Source: cve@mitre.org

http://www.securityfocus.com/bid/3634

Source: cve@mitre.org

http://www.securityfocus.com/bid/3635

Source: cve@mitre.org

http://www.securityfocus.com/bid/3636

Source: cve@mitre.org

http://www.valicert.com/support/security_advisory_eva.html

Source: cve@mitre.org

Vendor Advisory URL Repurposed

https://exchange.xforce.ibmcloud.com/vulnerabilities/7652

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=100749428517090&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/3621

Source: af854a3a-2127-422b-91ae-364da2661108

Patch Vendor Advisory

http://www.securityfocus.com/bid/3622

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/3624

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/3625

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/3627

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/3628

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/3629

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/3630

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/3631

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/3632

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/3633

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/3634

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/3635

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/3636

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.valicert.com/support/security_advisory_eva.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory URL Repurposed

https://exchange.xforce.ibmcloud.com/vulnerabilities/7652

Source: af854a3a-2127-422b-91ae-364da2661108

34 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

EPSS (Exploit Probability)

5.7%

90th percentile

Exploitation Status

Not in CISA KEV

Affected Vendors

valicert