HTTP Negative Content-Length DoS Network Vulnerability

Summary

We could crash the Savant web server by sending an invalid GET HTTP request with a negative Content-Length field. A cracker may exploit this flaw to disable your service or even execute arbitrary code on your system.

Solution

Upgrade your web server

Severity

Classification

CVE CVE-2002-1828

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

ClamAV 'cli_pdf()' and 'cli_scanicon()' Denial of Service Vulnerabilities (Win
Apple Safari Nested 'object' Tag Remote Denial Of Service vulnerability
BadBlue invalid GET DoS
Firefly MediaServer HTTP Header Multiple DoS Vulnerabilities
Firefox 'nsObserverList::FillObserverArray' DOS Vulnerability (Win)

HTTP negative Content-Length DoS

Take action and discover your vulnerabilities