Pavuk < 0.928r3 Digest Authentication Remote Overflow (deprecated)

Low Nessus Network Monitor Plugin ID 1776

Synopsis

The remote host is using a vulnerable version of Pavuk, a web spider.

Description

The remote host is using a version of Pavuk, a web spider, that is vulnerable to an authentication buffer overflow. An attacker can construct a malicious website that is designed to trigger the vulnerability and run arbitrary code on the client machine.

Solution

Upgrade to 0.928r3 or higher.

Plugin Details

Severity: Low

ID: 1776

File Name: 1776.prm

Family: Web Clients

Published: 2004/08/20

Modified: 2015/06/01

Dependencies: 1735, 8314

Risk Information

Risk Factor: Low

Temporal Vector: CVSS2#E:F/RL:U/RC:C

Reference Information

CVE: CVE-2004-1437

BID: 10797

OSVDB: 8242