OpenText FirstClass HTTP Daemon /Search Large Request Remote DoS

This script is Copyright (C) 2004-2011 Tenable Network Security, Inc.


Synopsis :

The remote web server is susceptible to a denial of service attack.

Description :

The remote host is running OpenText FirstClass, a web-based unified
messaging system.

The remote version of this software is vulnerable to an unspecified
denial of service attack that could allow an attacker to disable this
service remotely.

See also :

http://archives.neohapsis.com/archives/fulldisclosure/2004-12/0321.html

Solution :

Upgrade to a version newer than FirstClass OpenText 8.0.0.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score : 7.8
(CVSS2#E:H/RL:U/RC:C)
Public Exploit Available : true

Family: Web Servers

Nessus Plugin ID: 15934 (firstclass_http_dos.nasl)

Bugtraq ID: 11877

CVE ID: CVE-2004-2496