Web Server HTTP Cookie Header Remote Overflow

This script is Copyright (C) 2002-2014 Tenable Network Security, Inc.


Synopsis :

The remote host is running a web server with a remote buffer overflow
vulnerability.

Description :

It was possible to kill the web server by sending an invalid request
with a long cookie name or value.

An attacker may exploit this vulnerability to make the web server
crash continually or even execute arbitrary code.

This is known to affect early versions of Apache and may also affect
additional web servers.

See also :

http://seclists.org/bugtraq/1997/Jan/0044.html

Solution :

Upgrade your software or protect it with a filtering reverse proxy.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: Web Servers

Nessus Plugin ID: 11077 ()

Bugtraq ID:

CVE ID: CVE-1999-0071

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial