Orange Web Server Malformed HTTP Request Remote DoS

medium Nessus Plugin ID 10636

Synopsis

The remote has an application that is affected by a denial of service vulnerability.

Description

It was possible to make the remote web server crash by sending it an invalid HTTP request (GET A). An attacker may use this flaw to prevent this host from fulfilling its role.

Solution

Contact your vendor for a patch.

Plugin Details

Severity: Medium

ID: 10636

File Name: orange_dos.nasl

Version: 1.24

Type: remote

Family: Web Servers

Published: 3/25/2001

Updated: 7/24/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.2

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2/27/2001

Reference Information

CVE: CVE-2001-0647

BID: 2432

Detections

Analytics