Summary
The host is running Mongoose Web Server and is prone to remote buffer overflow vulnerability.
Impact
Successful exploitation will allow remote attackers to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.
Impact Level: System/Application
Solution
Apply the patch from below link,
https://code.google.com/p/mongoose/source/detail?r=025b11b1767a311b0434a385f5115463f6293ce9
Insight
The flaw is due to an error in the 'put_dir()' function (mongoose.c) when processing HTTP PUT web requests. This can be exploited to cause an assertion error or a stack-based buffer overflow.
Affected
Mongoose Web Server version 3.0
References
Severity
Classification
-
CVE CVE-2011-2900 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities