Lucene search
HistoryJun 27, 2001 - 4:00 a.m.
CVE-2001-0460
cve-2001-0460
websweeper 4.0
http headers
denial of service
remote attacks
nvd
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
6.6 Medium
AI Score
Confidence
High
0.009 Low
EPSS
Percentile
82.4%
Websweeper 4.0 does not limit the length of certain HTTP headers, which allows remote attackers to cause a denial of service (memory exhaustion) via an extremely large HTTP Referrer: header.
Affected configurations
Node
baltimore_technologieswebsweeperMatch4.0
| CPE | Name | Operator | Version |
|---|---|---|---|
| baltimore_technologies:websweeper | baltimore technologies websweeper | eq | 4.0 |
Related
openvas
openvas
Infinite HTTP request
2005-11-03 00:00:00
Infinite HTTP Request DoS Vulnerability
2005-11-03 00:00:00
nvd
nvd
CVE-2001-0460
2001-06-27 04:00:00
cvelist
cvelist
CVE-2001-0460
2001-05-24 04:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
6.6 Medium
AI Score
Confidence
High
0.009 Low
EPSS
Percentile
82.4%
Related for CVE-2001-0460