Httpdx 'h_readrequest()' Host Header Format String Vulnerability Network Vulnerability

Summary

The host is running httpdx Web Server and is prone to Format String vulnerability.

Impact

Successful exploitation will allow attackers to crash an affected server or execute arbitrary code via a specially crafted request. Impact Level: Application

Solution

Upgrade to httpdx Server version 1.4.1 or later http://sourceforge.net/projects/httpdx/

Insight

A format string error exists in the 'h_readrequest()' [httpd_src/http.cpp] function when processing the HTTP 'Host:' header.

Affected

httpdx Web Server version 1.4 and prior on windows.

References

http://secunia.com/advisories/36734
http://www.vupen.com/english/advisories/2009/2654

Updated on 2017-03-28

Severity

Classification

CVE CVE-2009-3663

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

3com switch2hub
Asterisk SIP Channel Driver Denial Of Service Vulnerability (Linux)
BitDefender 'pdf.xmd' Module PDF Parsing Remote DoS Vulnerability
Apache httpd Web Server Range Header Denial of Service Vulnerability
Adobe Digital Edition Denial of Service Vulnerability (Windows)

httpdx 'h_readrequest()' Host Header Format String Vulnerability

Take action and discover your vulnerabilities