Sambar Server Multiple CGI Remote Overflow

This script is Copyright (C) 2002-2010 Tenable Network Security, Inc.

Family: CGI abuses
Nessus Plugin ID: 11131 (sambar_DoS.nasl)
Bugtraq ID: 3885
CVE ID: CVE-2002-0128

Description:
Synopsis :
The remote web server is vulnerable to a denial of service.
Description :
It is possible to kill the Sambar web server 'server.exe' by sending it
a long request like:
/cgi-win/testcgi.exe?XXXX...X
/cgi-win/cgitest.exe?XXXX...X
/cgi-win/Pbcgi.exe?XXXXX...X
(or maybe in /cgi-bin/)
An attacker may use this flaw to make your server crash continuously,
preventing you from working properly.
Solution :
Upgrade your server to Sambar 51p or delete those CGIs.
Risk factor :
Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
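
A defensive check for the request pattern described above, as an added example that is not part of the Nessus plugin or the original page: it scans Common Log Format lines for over-long query strings sent to the three CGI programs under /cgi-win/ or /cgi-bin/. The 1024-byte threshold, the function name and the sample log lines are assumptions; the page only says the request is "long".

```python
import re

# CGI names taken from the description above; compared case-insensitively.
CGI_NAMES = {"testcgi.exe", "cgitest.exe", "pbcgi.exe"}
CGI_DIRS = {"cgi-win", "cgi-bin"}
# Assumption: the page gives no length, so tune this to your own traffic.
MAX_QUERY_LEN = 1024

# Request line inside a Common Log Format entry: "METHOD target [PROTOCOL]"
REQUEST_RE = re.compile(r'"[A-Z]+ (?P<target>\S+)(?: HTTP/[\d.]+)?"')


def suspicious_requests(log_lines, max_query_len=MAX_QUERY_LEN):
    """Return (client, path, query_length) for over-long requests to the sample CGIs."""
    hits = []
    for line in log_lines:
        match = REQUEST_RE.search(line)
        if not match:
            continue  # not a parseable request line
        path, _, query = match.group("target").partition("?")
        segments = [s.lower() for s in path.split("/") if s]
        if len(segments) != 2:
            continue  # only /<dir>/<program> is of interest here
        directory, name = segments
        if directory in CGI_DIRS and name in CGI_NAMES and len(query) > max_query_len:
            client = line.split(" ", 1)[0]
            hits.append((client, path, len(query)))
    return hits


# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Feb/2002:10:00:00 +0000] "GET /index.html HTTP/1.0" 200 512',
    '192.0.2.11 - - [01/Feb/2002:10:00:05 +0000] "GET /cgi-win/testcgi.exe?name=alice HTTP/1.0" 200 300',
    '198.51.100.7 - - [01/Feb/2002:10:01:00 +0000] "GET /cgi-win/cgitest.exe?' + "X" * 4000 + ' HTTP/1.0" - -',
    '198.51.100.7 - - [01/Feb/2002:10:01:09 +0000] "GET /cgi-bin/Pbcgi.exe?' + "X" * 2500 + ' HTTP/1.0" - -',
]

if __name__ == "__main__":
    for client, path, qlen in suspicious_requests(SAMPLE_LOG):
        print(f"{client} sent a {qlen}-byte query string to {path}")
```

A server that crashes on the request may never write it to its own access log, so logs from a front-end proxy or network sensor are the more reliable input.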