Web Server HTTP Authorization Header Remote Overflow

high Nessus Plugin ID 10515

Synopsis

The remote host is running a web server with a remote buffer overflow vulnerability.

Description

It may be possible to make the web server crash or execute arbitrary code by sending it an authorization string which is too long.

Solution

Upgrade to the latest version.

Plugin Details

Severity: High

ID: 10515

File Name: www_too_long_auth.nasl

Version: Revision: 1.31

Type: remote

Family: Web Servers

Published: 9/16/2000

Updated: 5/27/2014

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

Required KB Items: Settings/ParanoidReport