Kolibri Webserver 'HEAD' Request Processing Buffer Overflow Vulnerability Network Vulnerability

Summary

This host is running Kolibri Webserver and is prone to buffer overflow vulnerability.

Impact

Successful exploitation will allow attacker to crash the server process, resulting in a denial-of-service condition. Impact Level: Application

Solution

No solution or patch was made available for at least one year since disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one.

Insight

This flaw is caused by a buffer overflow error when handling overly long 'HEAD' requests, which could allow remote unauthenticated attackers to compromise a vulnerable web server via a specially crafted request.

Affected

Kolibri Webserver version 2.0

References

http://www.exploit-db.com/exploits/15834/
http://www.vupen.com/english/advisories/2010/3332

Updated on 2015-03-25

Severity

Classification

CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

CUPS Information Disclosure Vulnerability
IBM WebSphere Application Server 'plugin-key.kdb' Information Disclosure Vulnerability
IBM WebSphere Application Server (WAS) Multiple Vulnerabilities
Codebrws.asp Source Disclosure Vulnerability
Check for IIS .cnf file leakage

Take action and discover your vulnerabilities