Summary
It was possible to kill the web server by
sending a request that ends with two LF characters instead of the normal sequence CR LF CR LF
(CR = carriage return, LF = line feed).
A cracker may exploit this vulnerability to make this server and all LabViews applications crash continually.
Workaround : upgrade your LabView software or run the web server with logging disabled
Severity
Classification
-
CVE CVE-2002-0748 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- ClamAV Hash Manager Off-By-One Denial of Service Vulnerability (Win)
- Apache Input Header Folding and mod_ssl ssl_io_filter_cleanup DoS Vulnerabilities
- ClamAV Prior to 0.96.5 Multiple Vulnerabilities
- FreeType Memory Corruption and Buffer Overflow Vulnerabilities (Windows)
- Firefly MediaServer HTTP Header Multiple DoS Vulnerabilities