HTTP URI Handling Format String

high Nessus Plugin ID 15640

Synopsis

The remote web server is vulnerable to a format string attack.

Description

The remote web server seems to be vulnerable to a format string attack on the URI.

An attacker might use this flaw to make it crash or even execute arbitrary code on this host.

Solution

Upgrade your software or contact your vendor and inform him of this vulnerability.

Plugin Details

Severity: High

ID: 15640

File Name: http_url_format_string.nasl

Version: Revision: 1.19

Type: remote

Family: Web Servers

Published: 11/6/2004

Updated: 10/21/2015

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: High

Base Score: 7.6

Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C

Vulnerability Information

Required KB Items: Settings/ParanoidReport