HTTP User-Agent Overflow Network Vulnerability

Summary

It was possible to kill the web server by sending an invalid GET request with a too long User-Agent field A cracker may exploit this vulnerability to make your web server crash continually or even execute arbirtray code on your system.

Solution

upgrade your software or protect it with a filtering reverse proxy

Severity

Classification

CVE CVE-2001-0836
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

apcupsd overflows
Discuz! <= 4.0.0 rc4 Arbitrary File Upload Flaw
Linksys multiple remote vulnerabilities
ProFTPD Backdoor Unauthorized Access Vulnerability
Helix RealServer Buffer Overrun

HTTP User-Agent overflow

Take action and discover your vulnerabilities