Kolibri Webserver 'HEAD' Request Processing Buffer Overflow Vulnerability Network Vulnerability

Summary

This host is running Kolibri Webserver and is prone to buffer overflow vulnerability.

Impact

Successful exploitation will allow attacker to crash the server process, resulting in a denial-of-service condition. Impact Level: Application

Solution

No solution or patch was made available for at least one year since disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one.

Insight

This flaw is caused by a buffer overflow error when handling overly long 'HEAD' requests, which could allow remote unauthenticated attackers to compromise a vulnerable web server via a specially crafted request.

Affected

Kolibri Webserver version 2.0

References

http://www.exploit-db.com/exploits/15834/
http://www.vupen.com/english/advisories/2010/3332

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Cherokee URI Directory Traversal Vulnerability and Information Disclosure Vulnerability
IIS Service Pack - 404
IBM WebSphere Application Server JNDI information disclosure Vulnerability
IBM WebSphere Application Server Multiple CSRF Vulnerabilities
IBM WebSphere Application Server Cross-Site Request Forgery Vulnerability

Take action and discover your vulnerabilities