Weborf 'get_param_value()' Function HTTP Header Handling Denial Of Service Vulnerability Network Vulnerability

Summary

Weborf is prone to a denial-of-service vulnerability. Remote attackers can exploit this issue to cause the application to crash, denying service to legitimate users. Versions prior to Weborf 0.12.5 are vulnerable.

Solution

Updates are available. Please see the references for details.

References

http://galileo.dmi.unict.it/svn/weborf/trunk/CHANGELOG
http://galileo.dmi.unict.it/wiki/weborf/doku.php
https://www.securityfocus.com/bid/46054

Updated on 2015-03-25

Severity

Classification

CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

CoreHTTP 'src/http.c ' Buffer Overflow Vulnerability
Mongoose Web Server Remote Buffer Overflow Vulnerability
PHP Built-in WebServer 'Content-Length' Denial of Service Vulnerability
Xerver HTTP Server Web Administration Denial of Service Vulnerability
Savant Web Server Remote Buffer Overflow Vulnerability

Take action and discover your vulnerabilities