|
Family: Web Servers --> Category: destructive_attack
CERN httpd CGI name heap overflow Vulnerability Scan
Vulnerability Scan Summary Ask for a too long CGI name containing a dot
Detailed Explanation for this Vulnerability Test
It was possible to kill the remobe
web server by requesting
GET /cgi-bin/A.AAAA[...]A HTTP/1.0
This is known to trigger a heap overflow in some servers like
CERN HTTPD.
A cracker may use this flaw to disrupt your server. It *might*
also be exploitable to run malicious code on the machine.
Solution : Ask your vendor for a patch or move to another server
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|