Summary
It was possible to freeze or reboot Windows by
reading a MS/DOS device through HTTP, using
a file name like CON\CON, AUX.htm or AUX.
A cracker may use this flaw to make your
system crash continuously, preventing
you from working properly.
Solution
upgrade your system or use a
HTTP server that filters those names out.
Severity
Classification
-
CVE CVE-2000-0168, CVE-2001-0386, CVE-2001-0391, CVE-2001-0493, CVE-2001-0558, CVE-2001-0602, CVE-2002-0200, CVE-2003-0016 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- CA kmxfw.sys Code Execution and DoS Vulnerabilities
- Apple QuickTime Malformed .mov File Buffer Overflow Vulnerability
- Adersoft VbsEdit '.vbs' File Denial Of Service Vulnerability
- Aast! Antivirus 'aavmker4.sys' Denial Of Service Vulnerability (Win)
- Adobe Digital Edition Denial of Service Vulnerability (Mac OS X)