Search...

CVE-2000-0908

2000-12-19T00:00:00

ID CVE-2000-0908
Type cve
Reporter NVD
Modified 2017-10-09T21:29:21

Description

BrowseGate 2.80 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via long Authorization or Referer MIME headers in the HTTP request.

JSON Vulners Source

Initial Source

{"id": "CVE-2000-0908", "bulletinFamily": "NVD", "title": "CVE-2000-0908", "description": "BrowseGate 2.80 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via long Authorization or Referer MIME headers in the HTTP request.", "published": "2000-12-19T00:00:00", "modified": "2017-10-09T21:29:21", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2000-0908", "reporter": "NVD", "references": ["https://exchange.xforce.ibmcloud.com/vulnerabilities/5270", "http://archives.neohapsis.com/archives/win2ksecadvice/2000-q3/0128.html", "http://www.securityfocus.com/bid/1702", "http://www.netcplus.com/browsegate.htm#BGLatest", "http://marc.info/?l=bugtraq&m=96956211605302&w=2"], "cvelist": ["CVE-2000-0908"], "type": "cve", "lastseen": "2017-10-10T10:34:38", "history": [{"bulletin": {"assessment": {"href": "", "name": "", "system": ""}, "bulletinFamily": "NVD", "cpe": ["cpe:/a:netcplus:browsegate:2.80"], "cvelist": ["CVE-2000-0908"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "BrowseGate 2.80 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via long Authorization or Referer MIME headers in the HTTP request.", "edition": 2, "enchantments": {}, "hash": "5a35d82ccfaaa6625c80c8c40a11aa7b6946169437f0c366b2d800b70429555a", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "59e5d0c9e4c31a27b0d04b2b82b8f99b", "key": "modified"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "8bdbfe44bd3751d1955998901d3f503f", "key": "cvelist"}, {"hash": "864f8363c408357aba473d221747f435", "key": "references"}, {"hash": "e1a5a3727e099c8f9861a8081382e7bb", "key": "cpe"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "dccb7dbfe8de9565fb3205c132b2dade", "key": "title"}, {"hash": "8dc5657f2641785f510da5b1bbdc4951", "key": "description"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "84813b1457b92d6ba1174abffbb83a2f", "key": "cvss"}, {"hash": "f137f44c6f4b5e4bd4b047632843880e", "key": "href"}, {"hash": "9e6c6facafee6a3c7c727ace7e5e5881", "key": "published"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2000-0908", "id": "CVE-2000-0908", "lastseen": "2017-04-18T15:49:24", "modified": "2016-10-17T22:07:42", "objectVersion": "1.2", "published": "2000-12-19T00:00:00", "references": ["http://archives.neohapsis.com/archives/win2ksecadvice/2000-q3/0128.html", "http://www.securityfocus.com/bid/1702", "http://www.netcplus.com/browsegate.htm#BGLatest", "http://marc.info/?l=bugtraq&m=96956211605302&w=2", "http://xforce.iss.net/static/5270.php"], "reporter": "NVD", "scanner": [], "title": "CVE-2000-0908", "type": "cve", "viewCount": 2}, "differentElements": ["references", "modified"], "edition": 2, "lastseen": "2017-04-18T15:49:24"}, {"bulletin": {"assessment": {"href": "", "name": "", "system": ""}, "bulletinFamily": "NVD", "cpe": ["cpe:/a:netcplus:browsegate:2.80"], "cvelist": ["CVE-2000-0908"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "BrowseGate 2.80 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via long Authorization or Referer MIME headers in the HTTP request.", "edition": 1, "hash": "0d8ab85c10a643152881980cf932043a28c6c97bb16c49093f21c7f0cdc1d7a9", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "6a95ccf035649ed121b9cf625d99f144", "key": "modified"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "8bdbfe44bd3751d1955998901d3f503f", "key": "cvelist"}, {"hash": "e1a5a3727e099c8f9861a8081382e7bb", "key": "cpe"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "dccb7dbfe8de9565fb3205c132b2dade", "key": "title"}, {"hash": "8dc5657f2641785f510da5b1bbdc4951", "key": "description"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "84813b1457b92d6ba1174abffbb83a2f", "key": "cvss"}, {"hash": "af05f4500634d4992b8ad65d9fecb77a", "key": "references"}, {"hash": "f137f44c6f4b5e4bd4b047632843880e", "key": "href"}, {"hash": "9e6c6facafee6a3c7c727ace7e5e5881", "key": "published"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2000-0908", "id": "CVE-2000-0908", "lastseen": "2016-09-03T02:46:15", "modified": "2008-09-05T16:22:10", "objectVersion": "1.2", "published": "2000-12-19T00:00:00", "references": ["http://marc.theaimsgroup.com/?l=bugtraq&m=96956211605302&w=2", "http://archives.neohapsis.com/archives/win2ksecadvice/2000-q3/0128.html", "http://www.securityfocus.com/bid/1702", "http://www.netcplus.com/browsegate.htm#BGLatest", "http://xforce.iss.net/static/5270.php"], "reporter": "NVD", "scanner": [], "title": "CVE-2000-0908", "type": "cve", "viewCount": 0}, "differentElements": ["references", "modified"], "edition": 1, "lastseen": "2016-09-03T02:46:15"}], "edition": 3, "hashmap": [{"key": "assessment", "hash": "6d3f4796275bb54c21a33b82f399cc6d"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "e1a5a3727e099c8f9861a8081382e7bb"}, {"key": "cvelist", "hash": "8bdbfe44bd3751d1955998901d3f503f"}, {"key": "cvss", "hash": "84813b1457b92d6ba1174abffbb83a2f"}, {"key": "description", "hash": "8dc5657f2641785f510da5b1bbdc4951"}, {"key": "href", "hash": "f137f44c6f4b5e4bd4b047632843880e"}, {"key": "modified", "hash": "c8a3a54bee1354f8d7602d9bdaa27c16"}, {"key": "published", "hash": "9e6c6facafee6a3c7c727ace7e5e5881"}, {"key": "references", "hash": "0ad295f7e9b2f8097ff0c0613e317afc"}, {"key": "reporter", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "scanner", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "title", "hash": "dccb7dbfe8de9565fb3205c132b2dade"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "492ab6db2ec3f4ea420dc0f74e62486276816543ee0af10493b4375741a542c6", "viewCount": 2, "enchantments": {"vulnersScore": 7.5}, "objectVersion": "1.3", "cpe": ["cpe:/a:netcplus:browsegate:2.80"], "assessment": {"href": "", "name": "", "system": ""}, "scanner": []}

{"result": {"osvdb": [{"id": "OSVDB:1565", "type": "osvdb", "title": "NetcPlus BrowseGate MIME Headers Remote Overflow", "description": "# No description provided by the source\n\n## References:\nISS X-Force ID: 5270\n[CVE-2000-0908](https://vulners.com/cve/CVE-2000-0908)\nBugtraq ID: 1702\n", "published": "2000-09-18T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://vulners.com/osvdb/OSVDB:1565", "cvelist": ["CVE-2000-0908"], "lastseen": "2017-04-28T13:19:56"}], "openvas": [{"id": "OPENVAS:136141256231011130", "type": "openvas", "title": "BrowseGate HTTP headers overflows", "description": "It was possible to kill the BrowseGate \nproxy by sending it an invalid request with too long HTTP headers\n(Authorization and Referer)\n\nA cracker may exploit this vulnerability to make your web server\ncrash continually or even execute arbirtray code on your system.", "published": "2005-11-03T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=136141256231011130", "cvelist": ["CVE-2000-0908"], "lastseen": "2018-04-06T11:16:00"}, {"id": "OPENVAS:11130", "type": "openvas", "title": "BrowseGate HTTP headers overflows", "description": "It was possible to kill the BrowseGate \nproxy by sending it an invalid request with too long HTTP headers\n(Authorization and Referer)\n\nA cracker may exploit this vulnerability to make your web server\ncrash continually or even execute arbirtray code on your system.", "published": "2005-11-03T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=11130", "cvelist": ["CVE-2000-0908"], "lastseen": "2017-12-08T11:44:13"}], "nessus": [{"id": "BROWSEGATE_HTTP_OVERFLOWS.NASL", "type": "nessus", "title": "BrowseGate HTTP MIME Headers Remote Overflow", "description": "It is possible to kill the remote server by sending it an invalid request with too long HTTP headers (Authorization and Referer).\n\nBrowseGate proxy is known to be vulnerable to this flaw.\n\nAn attacker could exploit this vulnerability to cause the web server to crash continually or to execute arbitrary code on the system.", "published": "2002-09-21T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=11130", "cvelist": ["CVE-2000-0908"], "lastseen": "2016-09-26T17:25:53"}], "exploitdb": [{"id": "EDB-ID:20233", "type": "exploitdb", "title": "NetcPlus BrowseGate 2.80 DoS Vulnerability", "description": "NetcPlus BrowseGate 2.80 DoS Vulnerability. CVE-2000-0908. Dos exploit for windows platform", "published": "2000-09-21T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.exploit-db.com/exploits/20233/", "cvelist": ["CVE-2000-0908"], "lastseen": "2016-02-02T13:47:08"}]}}