MyServer HTTP POST Request Remote Overflow DoS

medium Nessus Plugin ID 14838

Synopsis

The remote web server is susceptible to a denial of service attack.

Description

The remote host is running MyServer, an open source web server. The installed version is vulnerable to remote denial of service attack. Using a specially crafted HTTP POST request to 'index.html' when 'View' is set to 'Logon', an unauthenticated, remote attacker can cause the server to stop responding.

Solution

Upgrade to the MyServer version 0.7.2 or later.

See Also

http://www.nessus.org/u?913eb7d4

http://sourceforge.net/project/shownotes.php?release_id=270736

Plugin Details

Severity: Medium

ID: 14838

File Name: myserver_post_dos.nasl

Version: 1.16

Type: remote

Family: Web Servers

Published: 9/28/2004

Updated: 6/12/2020

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.2

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: cpe:/a:myserver:myserver

Excluded KB Items: www/too_long_url_crash

Vulnerability Publication Date: 9/23/2004

Reference Information

CVE: CVE-2004-2517

Secunia: 12640