Sami HTTP Server 1.0.4 GET Request Remote Overflow

This script is Copyright (C) 2004-2011 Audun Larsen


Synopsis :

Arbitrary code may be run on the remote web server.

Description :

According to its banner, the remote web server is running Sami HTTP
server is v1.0.4 or older. An attacker may be capable of corrupting
data such as the return address, and thereby control the execution
flow of the program. This may result in denial of service or
execution of arbitrary code.

See also :

http://www.karjasoft.com/old.php

Solution :

Use another web server since Sami HTTP is not maintained any more.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 6.4
(CVSS2#E:U/RL:U/RC:ND)
Public Exploit Available : false

Family: Web Servers

Nessus Plugin ID: 12073 ()

Bugtraq ID: 9679

CVE ID: CVE-2004-0292

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial