HTTP Version Number Overflow Network Vulnerability

Summary

It was possible to kill the web server by sending an invalid GET request with a too long HTTP version field A cracker may exploit this vulnerability to make your web server crash continually or even execute arbirtray code on your system.

Solution

upgrade your software or protect it with a filtering reverse proxy

Severity

Classification

CVE CVE-2002-1061
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Cherokee directory traversal flaw
HTTP User-Agent overflow
SysV /bin/login buffer overflow (telnet)
Helix RealServer Buffer Overrun
Boozt index.cgi overflow

HTTP version number overflow

Take action and discover your vulnerabilities