Lucene search

MitreCVE-2006-2222

HistoryMay 05, 2006 - 7:02 p.m.

CVE-2006-2222

2006-05-0519:02:00

mitre

web.nvd.nist.gov

cve-2006-2222

buffer overflow

zawhttpd

remote attackers

denial of service

backslash characters

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

Confidence

High

EPSS

0.194

Percentile

96.3%

JSON

Buffer overflow in zawhttpd 0.8.23, and possibly previous versions, allows remote attackers to cause a denial of service (daemon crash) via a request for a URI composed of several "" (backslash) characters.

Affected configurations

Nvd

Node

norzzawhttpdMatch0.8.23

VendorProductVersionCPE
norzzawhttpd0.8.23cpe:2.3:a:norz:zawhttpd:0.8.23:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
norz	zawhttpd	0.8.23	cpe:2.3:a:norz:zawhttpd:0.8.23:::::::*

References

securityreason.com/securityalert/852

securitytracker.com/id?1016030

www.osvdb.org/25671

www.securiteam.com/exploits/5OP0315IKK.html

www.securityfocus.com/archive/1/432955/100/0/threaded

www.securityfocus.com/bid/17814

exchange.xforce.ibmcloud.com/vulnerabilities/26257

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

Confidence

High

EPSS

0.194

Percentile

96.3%

JSON

Related for CVE-2006-2222