WebsitePro <2.5 HTTP GET Request Remote Overflow

High Nessus Network Monitor Plugin ID 1449

Synopsis

The remote host is vulnerable to an overflow.

Description

The remote Web server is a version of WebSitePro which is older than v2.5. There are several buffer overflows in all the releases of WebSitePro older than 2.5. An attacker may exploit them to execute arbitrary code on this host or simply to disable this service

Solution

Upgrade to WebSitePro 2.5 or higher.

See Also

http://archives.neohapsis.com/archives/bugtraq/2000-07/0271.html

Plugin Details

Severity: High

ID: 1449

File Name: 1449.prm

Family: Web Servers

Published: 2004/08/20

Modified: 2016/01/15

Dependencies: 1442

Nessus ID: 10476

Risk Information

Risk Factor: High

CVSSv2

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSSv3

Base Score: 7.3

Temporal Score: 6.4

Vector: CVSS3#AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS3#E:U/RL:O/RC:C

Reference Information

CVE: CVE-2000-0623

BID: 1492

OSVDB: 375