HTTP Negative Content-Length Buffer Overflow Network Vulnerability

Summary

We could crash the web server by sending an invalid POST HTTP request with a negative Content-Length field. A cracker may exploit this flaw to disable your service or even execute arbitrary code on your system.

Solution

Upgrade your web server

Severity

Classification

CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

MonkeyWeb POST with too much data
ProFTPD Backdoor Unauthorized Access Vulnerability
yppasswdd overflow
TFTPD overflow
Header overflow against HTTP proxy

HTTP negative Content-Length buffer overflow

Take action and discover your vulnerabilities