OpenText FirstClass HTTP Daemon /Search Large Request Remote DoS

high Nessus Plugin ID 15934

Synopsis

The remote web server is susceptible to a denial of service attack.

Description

The remote host is running OpenText FirstClass, a web-based unified messaging system.

The remote version of this software is vulnerable to an unspecified denial of service attack that could allow an attacker to disable this service remotely.

Solution

Upgrade to a version newer than FirstClass OpenText 8.0.0.

See Also

https://seclists.org/fulldisclosure/2004/Dec/338

Plugin Details

Severity: High

ID: 15934

File Name: firstclass_http_dos.nasl

Version: 1.17

Type: remote

Family: Web Servers

Published: 12/11/2004

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 12/14/2004

Reference Information

CVE: CVE-2004-2496

BID: 11877