icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Rhinosoft DNS4Me Multiple Vulnerabilities

High

Synopsis

The remote host is vulnerable to a Denial of Service (DoS) attack.

Description

The remote host is running Rhinosoft DNS4Me, a dynamic DNS software for Windows systems. DNS4Me includes a small web server that can serve static content. It is reported that this embedded web server is prone to multiple security flaws including remote denial of service and cross-site scripting. An attacker can crash the server by sending an abnormally long request or steal cookie-based authentication credentials by sending a malformed link to this site.

Solution

Upgrade or patch according to vendor recommendations.