Roxen Web Server Counter Module Crafted Request Saturation DoS

Severity: High. Nessus Plugin ID 10207

Synopsis

The remote web server has a denial of service vulnerability.

Description

Roxen Challenger WebServer is running with the counter module installed. Requesting large counter GIFs can lead to CPU exhaustion.
If the server does not support threads, this will prevent the server from serving other clients.

Solution

Disable the counter module.

Plugin Details

Severity: High

ID: 10207

File Name: roxen_counter.nasl

Version: 1.31

Type: remote

Family: CGI abuses

Published: 1/3/2000

Updated: 1/19/2021

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 5.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

Required KB Items: Settings/ParanoidReport

Vulnerability Publication Date: 1/2/2000