thttpd If-Modified-Since Header Overflow

1999-11-13T00:00:00
ID OSVDB:225
Type osvdb
Reporter OSVDB
Modified 1999-11-13T00:00:00

Description

Vulnerability Description

This host is running the THTTPD web server. Versions of THTTPD less than 2.0.5 are vulnerable to a buffer overflow. This will create a Denial of Service condition and could possibly allow an attacker to execute arbitrary code.

Technical Description

Looks for '^Server: thttpd/2.0[0-4]' in the server banner.

Solution Description

The vendor has released a patch that fixes this issue. Please upgrade to the latest version of THTTPD from http://www.acme.com/software/thttpd/.

Short Description

This host is running the THTTPD web server. Versions of THTTPD less than 2.0.5 are vulnerable to a buffer overflow. This will create a Denial of Service condition and could possibly allow an attacker to execute arbitrary code.

References:

Nessus Plugin ID:10285 ISS X-Force ID: 4852 CVE-2000-0359