NetworkActive Web Server Resource Exhaustion DoS

High Nessus Network Monitor Plugin ID 2348

Synopsis

The remote host is vulnerable to a Denial of Service (DoS) attack.

Description

The remote host is running NetworkActive Web Server. NetworkActive Web Server is a small application that can be downloaded and run on any Windows desktop. An attacker exploiting this flaw would need to be able to connect to the server (typically on port 80) and send long requests. By sending enough requests, the attacker would be able to exhaust the resources of the Web server and cause it to crash.

Solution

Upgrade or patch according to vendor recommendations.

Plugin Details

Severity: High

ID: 2348

File Name: 2348.prm

Family: Web Servers

Published: 2004/10/05

Modified: 2016/01/30

Dependencies: 1442

Risk Information

Risk Factor: High

CVSSv2

Base Score: 7.8

Temporal Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Temporal Vector: CVSS2#E:H/RL:U/RC:ND

CVSSv3

Base Score: 7.5

Temporal Score: 7.5

Vector: CVSS3#AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Temporal Vector: CVSS3#E:H/RL:U/RC:X

Reference Information

BID: 11326