GoAhead WebServer Malformed Content-Length DoS

2003-09-23T00:00:00
ID OSVDB:3617
Type osvdb
Reporter Luigi Auriemma(aluigi@autistici.org)
Modified 2003-09-23T00:00:00

Description

Vulnerability Description

GoAhead WebServer contains a flaw that may allow a remote denial of service. The issue is triggered when sending a HTTP POST request with a malformed Content-Length header, which causes the application to crash resulting in a loss of availability.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

GoAhead WebServer contains a flaw that may allow a remote denial of service. The issue is triggered when sending a HTTP POST request with a malformed Content-Length header, which causes the application to crash resulting in a loss of availability.

References:

Vendor URL: http://216.211.138.77/webserver/webserver.htm Secunia Advisory ID:10678 Other Advisory URL: http://aluigi.altervista.org/adv/goahead-adv1.txt Other Advisory URL: http://aluigi.altervista.org/adv/goahead-neg-adv.txt Other Advisory URL: http://archives.neohapsis.com/archives/bugtraq/2004-01/0140.html ISS X-Force ID: 14890 Bugtraq ID: 9452