Kolibri Webserver 'HEAD' Request Processing Buffer Overflow Vulnerability Network Vulnerability

Summary

This host is running Kolibri Webserver and is prone to buffer overflow vulnerability.

Impact

Successful exploitation will allow attacker to crash the server process, resulting in a denial-of-service condition. Impact Level: Application

Solution

No solution or patch was made available for at least one year since disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one.

Insight

This flaw is caused by a buffer overflow error when handling overly long 'HEAD' requests, which could allow remote unauthenticated attackers to compromise a vulnerable web server via a specially crafted request.

Affected

Kolibri Webserver version 2.0

References

http://www.exploit-db.com/exploits/15834/
http://www.vupen.com/english/advisories/2010/3332

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

IBM WebSphere Application Server (WAS) Multiple Vulnerabilities
HTTP File Server Security Bypass and Denial of Service Vulnerabilities
Acritum Femitter Server 1.03 Multiple Remote Vulnerabilities
IBM WebSphere Application Server JSF Application Information Disclosure Vulnerability
lighttpd Slow Request Handling Remote Denial Of Service Vulnerability

Take action and discover your vulnerabilities