Nortel Contivity HTTP Server cgiproc Special Character DoS

Medium Nessus Plugin ID 10160


The remote host is vulnerable to denial of service.


It is possible to crash the remote host by doing the HTTP request :
GET /cgi/cgiproc?$


Upgrade to VxWorks 2.60 or later.

See Also

Plugin Details

Severity: Medium

ID: 10160

File Name: nortel_cgiproc_dos.nasl

Version: $Revision: 1.36 $

Type: remote

Family: Web Servers

Published: 2000/01/20

Modified: 2016/10/27

Dependencies: 10107, 10386, 17975

Risk Information

Risk Factor: Medium


Base Score: 5

Temporal Score: 4

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:U/RL:W/RC:ND

Vulnerability Information

Required KB Items: Settings/ParanoidReport

Exploit Available: false

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 2000/01/17

Reference Information

CVE: CVE-2000-0064

BID: 938

OSVDB: 1201