Sami HTTP Server Multiple Remote Vulnerabilities

Medium Nessus Plugin ID 16468


The remote server is affected by several flaws.


The remote host seems to be running Sami HTTP Server, an HTTP server for Windows.

The remote version of this software contains multiple vulnerabilities. Sami HTTP server is vulnerable to a denial of service attack. An attacker can exploit this flaw by sending '\r\n\r\n' string.

Sami HTTP server is vulnerable to a directory traversal attack. An attacker may exploit this flaw to gain access to sensitive data like password files.


Sami HTTP Server is not supported any more. Use another web server.

Plugin Details

Severity: Medium

ID: 16468

File Name: samihttp_1_0_5.nasl

Version: $Revision: 1.10 $

Type: remote

Family: Web Servers

Published: 2005/02/16

Modified: 2011/03/17

Dependencies: 10107, 17975, 10386

Risk Information

Risk Factor: Medium


Base Score: 6.4

Temporal Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P

Temporal Vector: CVSS2#E:H/RL:U/RC:ND

Vulnerability Information

Exploit Available: true

Exploit Ease: No exploit is required

Vulnerability Publication Date: 2005/02/15

Reference Information

BID: 12559

OSVDB: 13815, 13816