thttpd 2.04 If-Modified-Since Header Remote Buffer Overflow

critical Nessus Plugin ID 10285

Synopsis

The remote web server is affected by a buffer overflow vulnerability.

Description

It is possible to make the remote thttpd server execute arbitrary code by sending a request like :

GET / HTTP/1.0 If-Modified-Since: AAA[...]AAAA An attacker may use this to gain control on your computer.

Solution

If you are using thttpd, upgrade to version 2.05. If you are not, then contact your vendor and ask for a patch, or change your web server

Plugin Details

Severity: Critical

ID: 10285

File Name: thttpd_buffer_overflow.nasl

Version: 1.32

Type: remote

Family: Web Servers

Published: 11/14/1999

Updated: 8/1/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.8

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

Required KB Items: www/thttpd

Excluded KB Items: www/too_long_url_crash

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 11/13/1999

Reference Information

CVE: CVE-2000-0359

BID: 1248

Detections

Analytics