Search...

CVE-2004-2035

2004-05-26T04:00:00

ID CVE-2004-2035
Type cve
Reporter cve@mitre.org
Modified 2017-07-11T01:31:00

Description

MiniShare 1.3.2 allows remote attackers to cause a denial of service (crash) via a malformed HTTP GET or HEAD request without the proper number of trailing CRLF sequences.

JSON Vulners Source

Initial Source

{"id": "CVE-2004-2035", "bulletinFamily": "NVD", "title": "CVE-2004-2035", "description": "MiniShare 1.3.2 allows remote attackers to cause a denial of service (crash) via a malformed HTTP GET or HEAD request without the proper number of trailing CRLF sequences.", "published": "2004-05-26T04:00:00", "modified": "2017-07-11T01:31:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-2035", "reporter": "cve@mitre.org", "references": ["http://lists.netsys.com/pipermail/full-disclosure/2004-May/021980.html", "http://secunia.com/advisories/11715", "http://www.osvdb.org/6432", "https://exchange.xforce.ibmcloud.com/vulnerabilities/16260", "http://sourceforge.net/project/shownotes.php?release_id=241158", "http://www.securityfocus.com/bid/10417", "http://marc.info/?l=bugtraq&m=108563992129877&w=2", "http://www.autistici.org/fdonato/advisory/MiniShare1.3.2-adv.txt"], "cvelist": ["CVE-2004-2035"], "type": "cve", "lastseen": "2019-05-29T18:08:04", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "080963f2fe49f7d2a4091bfe239589c0"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "8ff28e8034aee599b2f155852ef6d3e7"}, {"key": "cpe23", "hash": "687f78ca5ecc72dc7f944df061c2a53f"}, {"key": "cvelist", "hash": "5cc40aea4178fc2d3f263d090d5be1f2"}, {"key": "cvss", "hash": "41b62a8aa1ee5c40897717cadc30784a"}, {"key": "cvss2", "hash": "85fc9715d07b57d9e72056856b007c7b"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cwe", "hash": "78a7a5cbaf09985c14389298e454e7db"}, {"key": "description", "hash": "4ecc43b19e2d3ca9805fea054d335b15"}, {"key": "href", "hash": "6ea87971b2c098c25de78ba610448eb5"}, {"key": "modified", "hash": "523ab2b584257b356b93ab54fd2d1554"}, {"key": "published", "hash": "c3086b44b2e6d6f507b3bbd6bb1655ff"}, {"key": "references", "hash": "0c6f23a3a44eaa6a660c7b4fd4d414ce"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "59c9c66b316a4b57f51dd3ab97d2db4e"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "5f6bca29114c60d3bb48ab460f6f513f2f7fe1074c3dfe98906b9b6d82c59bd8", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "exploitdb", "idList": ["EDB-ID:24144"]}], "modified": "2019-05-29T18:08:04"}, "score": {"value": 5.0, "vector": "NONE", "modified": "2019-05-29T18:08:04"}, "vulnersScore": 5.0}, "objectVersion": "1.3", "cpe": ["cpe:/a:minishare:minimal_http_server:1.3.2"], "affectedSoftware": [{"name": "minishare minimal_http_server", "operator": "eq", "version": "1.3.2"}], "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cpe23": ["cpe:2.3:a:minishare:minimal_http_server:1.3.2:*:*:*:*:*:*:*"], "cwe": ["NVD-CWE-Other"]}

{"exploitdb": [{"lastseen": "2016-02-02T22:36:50", "bulletinFamily": "exploit", "description": "MiniShare Server 1.3.2 Remote Denial Of Service Vulnerability. CVE-2004-2035. Dos exploit for windows platform", "modified": "2004-05-26T00:00:00", "published": "2004-05-26T00:00:00", "id": "EDB-ID:24144", "href": "https://www.exploit-db.com/exploits/24144/", "type": "exploitdb", "title": "MiniShare Server 1.3.2 - Remote Denial of Service Vulnerability", "sourceData": "source: http://www.securityfocus.com/bid/10417/info\r\n\r\nMinishare is affected by a remote denial of service vulnerability. This issue is due to a failure of the application to handle improperly formed HTTP requests.\r\n\r\nThis issue will allow an attacker to cause the affected computer to stop responding, denying service to legitimate users.\r\n\r\nGET:\r\n\r\n1. GET /something HTTP/1.1\r\n-\r\n2. GET /something HTTP/1.1\\n\r\n-\r\n\r\n\r\nHEAD:\r\n\r\n1. HEAD /something HTTP/1.1\r\n-\r\n2. HEAD /something HTTP/1.1\\n\r\n- ", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/24144/"}]}