Caudium Web Server < 1.4.4 RC2 Malformed URI DoS

Nessus Network Monitor Plugin ID 2382 (Severity: High)

Synopsis

The remote host is vulnerable to a Denial of Service (DoS) attack.

Description

The remote host is running Caudium Web Server. The installed version is vulnerable to an attack in which a malformed URI causes the web server to stop responding to requests. To exploit this flaw, an attacker only needs to be able to connect to the web server and issue an HTTP 'GET' request.

Solution

Upgrade to version 1.4.4 RC2 or higher.

Plugin Details

Severity: High

ID: 2382

File Name: 2382.prm

Family: Web Servers

Published: 2004/11/03

Modified: 2016/01/21

Dependencies: 1442

Risk Information

Risk Factor: High

CVSSv2

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Temporal Vector: CVSS2#E:H/RL:OF/RC:C

CVSSv3

Base Score: 7.5

Temporal Score: 7.2

Vector: CVSS3#AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS3#E:H/RL:O/RC:C

Reference Information

BID: 11567