BNBT EasyTracker Malformed GET Request Remote DoS

This script is Copyright (C) 2005-2011 Tenable Network Security, Inc.


Synopsis :

The remote web server is prone to denial of service attacks.

Description :

The remote host is running BNBT EasyTracker, a packaged BitTorrent
Tracker Installer for Windows.

The remote version of BNBT EasyTracker fails to properly handle
malformed HTTP requests, making it prone to denial of service attacks.
An attacker can crash the application by sending a request with a
header line consisting of only a ':'.

See also :

http://www.securityfocus.com/archive/1/409621

Solution :

Unknown at this time.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 5.0
(CVSS2#E:H/RL:U/RC:ND)
Public Exploit Available : true

Family: Denial of Service

Nessus Plugin ID: 19548 (bnbt_easytracker_dos.nasl)

Bugtraq ID: 14700

CVE ID: CVE-2005-2806