MyServer 0.4.1 DoS

2003-06-21T18:37:00
ID OSVDB:2189
Type osvdb
Reporter OSVDB
Modified 2003-06-21T18:37:00

Description

Vulnerability Description

MyServer 0.4.1 contains a remote denial of service flaw. This could allow an attacker to disable the MyServer daemon and could potentially allow remote code execution.

Solution Description

Upgrade to MyServer version 0.4.2 or higher.

Short Description

MyServer 0.4.1 contains a remote denial of service flaw. This could allow an attacker to disable the MyServer daemon and could potentially allow remote code execution.

Manual Testing Notes

Request more than 21 "/" characters in a GET request from the MyServer port, such as:

GET ///////////////////////// HTTP/1.0

References:

Nessus Plugin ID:11770 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2003-06/0161.html ISS X-Force ID: 12395 Generic Informational URL: http://myserverweb.sourceforge.net/ Bugtraq ID: 8010