Summary
It was possible to kill the web server by
sending an invalid request with a too long HTTP method field
A cracker may exploit this vulnerability to make your web server crash continually or even execute arbirtray code on your system.
Solution
upgrade your software or protect it with a filtering reverse proxy
Severity
Classification
-
CVE CVE-2002-1061 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Asterisk IAX2 Call Number Exhaustion DOS Vulnerability (Linux)
- Epson EventManager 'x-protocol-version' Denial of Service Vulnerability
- Adobe Digital Edition Denial of Service Vulnerability (Windows)
- Apple QuickTime Multiple Denial Of Service Vulnerabilities (Win)
- Google Chrome Multiple Denial of Service Vulnerabilities - February 11(Linux)