Sami HTTP Server 1.0.4 GET Request Remote Overflow

High Nessus Plugin ID 12073


Arbitrary code may be run on the remote web server.


According to its banner, the remote web server is running Sami HTTP server is v1.0.4 or older. An attacker may be capable of corrupting data such as the return address, and thereby control the execution flow of the program. This may result in denial of service or execution of arbitrary code.


Use another web server since Sami HTTP is not maintained any more.

See Also

Plugin Details

Severity: High

ID: 12073

File Name: samihttp_1_0_4.nasl

Version: $Revision: 1.14 $

Type: remote

Family: Web Servers

Published: 2004/02/22

Modified: 2011/03/17

Dependencies: 10107, 10386, 17975

Risk Information

Risk Factor: High


Base Score: 7.5

Temporal Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:U/RL:U/RC:ND

Vulnerability Information

Exploit Available: false

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 2004/02/13

Reference Information

CVE: CVE-2004-0292

BID: 9679

OSVDB: 3970