Sami HTTP Server 1.0.4 GET Request Remote Overflow

High Nessus Network Monitor Plugin ID 1160

Synopsis

The remote host is vulnerable to a buffer overflow.

Description

The remote host seems to be running Sami HTTP Server v1.0.4 or older. A vulnerability has been reported for Sami HTTP Server v1.0.4. An attacker may be able to corrupt data such as the return address and thereby control the execution flow of the program. This may result in denial of service or execution of arbitrary code.

Solution

Use another web server, since Sami HTTP Server is no longer maintained.

See Also

http://www.karjasoft.com/old.php

Plugin Details

Severity: High

ID: 1160

Family: Web Servers

Published: 2004/08/20

Modified: 2018/07/11

Dependencies: 1442

Nessus ID: 12073

Risk Information

Risk Factor: High

CVSSv2

Base Score: 7.5

Temporal Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:U/RL:U/RC:ND

CVSSv3

Base Score: 7.3

Temporal Score: 6.7

Vector: CVSS3#AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS3#E:U/RL:U/RC:X

Vulnerability Information

CPE: cpe:/a:karjasoft:sami_http_server

Reference Information

CVE: CVE-2004-0292

BID: 9679