Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2009 LSSOPENVAS:1361412562310102004
HistoryJun 23, 2009 - 12:00 a.m.

WWW Too Long URL DoS Vulnerability

2009-06-2300:00:00
Copyright (C) 2009 LSS
plugins.openvas.org
508

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.8 Medium

AI Score

Confidence

Low

0.953 High

EPSS

Percentile

99.4%

JSON

Remote web server is vulnerable to the too long URL vulnerability. It might be
possible to gain remote access using buffer overflow.

# SPDX-FileCopyrightText: 2009 LSS
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-or-later

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.102004");
  script_version("2023-07-21T05:05:22+0000");
  script_tag(name:"last_modification", value:"2023-07-21 05:05:22 +0000 (Fri, 21 Jul 2023)");
  script_tag(name:"creation_date", value:"2009-06-23 09:27:52 +0200 (Tue, 23 Jun 2009)");
  script_cve_id("CVE-2000-0002", "CVE-2000-0065", "CVE-2000-0571", "CVE-2001-1250", "CVE-2003-0125",
                "CVE-2003-0833", "CVE-2006-1652", "CVE-2004-2299", "CVE-2002-1003", "CVE-2002-1012",
                "CVE-2002-1011", "CVE-2001-0836", "CVE-2005-1173", "CVE-2002-1905", "CVE-2002-1212",
                "CVE-2002-1120", "CVE-2000-0641", "CVE-2002-1166", "CVE-2002-0123", "CVE-2001-0820",
                "CVE-2002-2149");
  script_name("WWW Too Long URL DoS Vulnerability");
  script_tag(name:"qod_type", value:"remote_analysis");
  script_tag(name:"cvss_base", value:"10.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_category(ACT_DENIAL);
  script_family("Buffer overflow");
  script_copyright("Copyright (C) 2009 LSS");
  script_dependencies("find_service.nasl", "httpver.nasl", "global_settings.nasl");
  script_require_ports("Services/www", 80);
  script_exclude_keys("Settings/disable_cgi_scanning");

  script_tag(name:"solution", value:"Upgrade vulnerable web server to latest version.");

  script_tag(name:"summary", value:"Remote web server is vulnerable to the too long URL vulnerability. It might be
  possible to gain remote access using buffer overflow.");

  script_tag(name:"solution_type", value:"VendorFix");

  exit(0);
}

include("http_func.inc");
include("port_service_func.inc");

port = http_get_port(default:80);
if(http_is_dead(port:port))exit(0);

#send a long url through the http port
req = string("/", crap(65535));
req = http_get(item:req, port:port);
http_send_recv(port:port, data:req);

#ret_code == 0, http up
#ret_code == 1, http down
ret_code = http_is_dead(port:port, retry:2);

if (ret_code == 1){
  set_kb_item(name:"www/too_long_url_crash", value:TRUE);
  security_message(port:port);
} else {
  exit(99);
}

Related

openvas 7
nessus 5
cve 21
nvd 21
cvelist 21
cert 1
debiancve 1
securityvulns 4
packetstorm 2
canvas 1
prion 1
checkpoint_advisories 2
osv 1
debian 1
openvas
openvas
www too long url
2009-06-23 00:00:00
HTTP User-Agent Overflow DoS Vulnerability
2005-11-03 00:00:00
Oracle9iAS too long URL
2005-11-03 00:00:00
nessus
nessus
Web Server Long URL Handling Remote Overflow DoS
1999-06-22 00:00:00
Web Server HTTP OPTIONS Method URL Handling Remote Overflow
2003-02-17 00:00:00
Oracle Application Server Web Cache HTTP Request Overflow
2002-08-14 00:00:00
cve
cve
CVE-2000-0571
2000-10-13 04:00:00
CVE-2002-2149
2022-10-03 16:23:50
CVE-2000-0641
2000-10-13 04:00:00
nvd
nvd
CVE-2000-0571
2000-07-05 04:00:00
CVE-2002-2149
2002-12-31 05:00:00
CVE-2001-1250
2001-06-29 04:00:00
cvelist
cvelist
CVE-2000-0571
2000-10-13 04:00:00
CVE-2000-0641
2000-10-13 04:00:00
CVE-2002-2149
2022-10-03 16:23:50
cert
cert
Oracle9iAS Web Cache vulnerable to buffer overflow
2001-10-25 00:00:00
debiancve
debiancve
CVE-2003-0833
2022-10-03 16:15:46
securityvulns
securityvulns
iDEFENSE Security Advisory 09.30.2002: Buffer Overflow in WN Server
2002-09-30 00:00:00
Foundstone Labs Advisory - Buffer Overflow in Savant Web Server
2002-09-11 00:00:00
[SECURITY] [DSA-392-1] New webfs packages fix buffer overflows, file and directory exposure
2003-09-30 00:00:00
packetstorm
packetstorm
Savant 3.1 Web Server Overflow
2009-11-26 00:00:00
UltraVNC 1.0.1 Client Buffer Overflow
2009-11-26 00:00:00
canvas
canvas
Immunity Canvas: SAVANT
2002-09-24 04:00:00
prion
prion
Buffer overflow
2006-04-06 10:04:00
checkpoint_advisories
checkpoint_advisories
UltraVNC VNCLog Buffer Overflow - Ver2 (CVE-2006-1652)
2014-12-28 00:00:00
UltraVNC VNCLog Buffer Overflow - Ver2 (CVE-2006-1652)
2014-12-28 00:00:00
osv
osv
webfs - buffer overflows, file and directory exposure
2003-09-29 00:00:00
debian
debian
[SECURITY] [DSA-392-1] New webfs packages fix buffer overflows, file and directory exposure
2003-09-29 15:55:36

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.8 Medium

AI Score

Confidence

Low

0.953 High

EPSS

Percentile

99.4%

JSON
Related for OPENVAS:1361412562310102004
openvas7nessus5cve21nvd21cvelist21cert1debiancve1securityvulns4packetstorm2canvas1prion1checkpoint_advisories2osv1debian1