Web Server HTTP OPTIONS Method URL Handling Remote Overflow

High Nessus Plugin ID 11235


Arbitrary code may be run on the remote web server.


It may be possible to make the web server crash or even execute arbitrary code by sending it a too long URL through the OPTIONS method.


Upgrade your web server.

Plugin Details

Severity: High

ID: 11235

File Name: www_too_long_options.nasl

Version: $Revision: 1.17 $

Type: remote

Family: Web Servers

Published: 2003/02/17

Modified: 2014/05/27

Dependencies: 10582, 10107

Risk Information

Risk Factor: High


Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

Required KB Items: Settings/ParanoidReport