D-Link 704p Web Interface syslog.htm Malformed Query Remote DoS

high Nessus Plugin ID 11655

Language:

Synopsis

The remote host is vulnerable to a denial of service.

Description

The remote host is a D-Link router running a firmware version older than, or as old as 2.70.

There is a flaw in this version which may allow an attacker to crash the remote device by sending an overly long argument to the 'syslog.htm' page.

Solution

None at this time. Filter incoming traffic to this port.

Plugin Details

Severity: High

ID: 11655

File Name: dlink_router_overflow.nasl

Version: 1.15

Type: remote

Family: CGI abuses

Published: 5/27/2003

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: High

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Detections

Analytics