FreeBSD : hiawatha -- integer overflow in Content-Length header parsing (b13414c9-50ba-11e0-975a-000c29cc39d3)

This script is Copyright (C) 2011-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

Hugo Leisink reports :

A bug has been found in version 7.4 of the Hiawatha webserver, which
could lead to a server crash. This is caused by an integer overflow in
the routine that reads the HTTP request. A too large value of the
Content-Length HTTP header results in an overflow.

See also :

http://www.hiawatha-webserver.org/weblog/16
http://securityvulns.com/Zdocument902.html
http://www.nessus.org/u?3dd47cb3
http://seclists.org/bugtraq/2011/Mar/65
http://www.nessus.org/u?66e695ff

Solution :

Update the affected package.

Risk factor :

High

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 52707 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now