Sambar Server search.pl results.stm Overflow DoS

high Nessus Plugin ID 18650

Synopsis

The remote host has an application that is affected by multiple vulnerabilities.

Description

The remote host is running Sambar Server, a web server package.

The remote version of this software contains a flaw that may allow an attacker to crash the service remotely.

A buffer overflow was found in the /search/results.stm application that comes shipped with Sambar Server.

Vulnerable versions: Sambar Server 4.x, Sambar Server 5.x, Sambar Server 6.0

Solution

Upgrade to the current release of this software.

Plugin Details

Severity: High

ID: 18650

File Name: sambar_search_dos.nasl

Version: 1.13

Type: remote

Family: CGI abuses

Published: 7/8/2005

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 6/21/2003

Reference Information

BID: 7975