NASLDB: CERN httpd CGI Name Handling Remote Overflow
General
ID: 17231
Name: CERN httpd CGI Name Handling Remote Overflow
Summary: Ask for a too long CGI name containing a dot
Credits: Tenable Network Security, Inc.
Classification
Risk: –
CVSS: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS Base Vector: –
CVSS Temporal Vector: –
Port: 80
Family: Web Servers
Type: Remote
Description
The remote web server stopped responding after sending it a GET
request for a CGI script with a arbitrary long file name. This is
known to trigger a heap overflow in some servers like CERN HTTPD. An
attacker may use this flaw to disrupt the remote service and possibly
even run malicious code on the affected host subject to the privileges
under which the service operates.
Exploiting
Exploit Available: –
Exploitability Ease: –
Sources
CVE: –
OSVDB: –
Bugtraq: –
scipID: –
Timeline
Vulnerability Disclosure: –
Patch Release: –
Plugin Release: 2005/02/28
Plugin
Version: 1.17
Filename: cern_httpd_cginame_overflow.nasl
Filesize: 2506 bytes
MD5 Hash: acca22c3e8e363f65b159630a9f34203
Identification: –
Require Keys: www/cern
Dependencies: "find_service1.nasl", "http_version.nasl"
Copyright: This script is Copyright© 2005-2011 Tenable Network Security, Inc.
- Letzte Plugins
- USN-1611-1 : thunderbird vulnerabilities
- USN-1610-1 : linux vulnerability
- USN-1609-1 : linux-ti-omap4 vulnerability
- SuSE 10 Security Update : PostgreSQL
- RHSA-2012-1364: bind97
- RHSA-2012-1363: bind
- RHSA-2012-1362: thunderbird
- RHSA-2012-1361: xulrunner
- Mandriva Linux Security Advisory : graphicsmagick
- FreeBSD : phpMyAdmin — Multiple XSS due to unescaped HTML output in Trigger, Procedure and Event pages and Fetching the version information from a non-SSL site is vulnerable to a MITM attack