AnalogX SimpleServer:WWW服务拒绝漏洞

AnalogX SimpleServer:WWW服务拒绝漏洞

漏洞ID 1106310 漏洞类型 未知
发布时间 2001-04-17 更新时间 2005-05-02
图片[1]-AnalogX SimpleServer:WWW服务拒绝漏洞-安全小百科CVE编号 CVE-2001-0386
图片[2]-AnalogX SimpleServer:WWW服务拒绝漏洞-安全小百科CNNVD-ID CNNVD-200107-027
漏洞平台 Windows CVSS评分 5.0
|漏洞来源
https://www.exploit-db.com/exploits/20771
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200107-027
|漏洞详情
AnalogXSimpleServer:WWW1.08版本存在漏洞。远程攻击者可以借助/aux目录的HTTP请求导致服务拒绝。
|漏洞EXP
source: http://www.securityfocus.com/bid/2608/info

Simpleserver:WWW is a freely available web server from AnalogX. Simpleserver:WWW is designed to provide an easy to use web server with a friendly interface.

A problem with the web server could lead to a Denial of Service to legitimate users. By connecting to the web server, and requesting an HTTP GET of the /aux directory, the web server ceases operation. A watchdog process or manual restart of the web server process is required.

Therefore, it is possible for remote users to deny service to legitimate users of the web server. 

telnet vulnerable.web.server 80
GET /aux
then hit return twice
|参考资料

来源:BID
名称:2608
链接:http://www.securityfocus.com/bid/2608
来源:BUGTRAQ
名称:20010417AdvisoryforSimpleServer:WWW(analogX)
链接:http://www.securityfocus.com/archive/1/177156
来源:XF
名称:analogx-simpleserver-aux-dos(6395)
链接:http://xforce.iss.net/static/6395.php
来源:OSVDB
名称:3781
链接:http://www.osvdb.org/3781

相关推荐: PHP Ticket Cross Site Scripting Vulnerability

PHP Ticket Cross Site Scripting Vulnerability 漏洞ID 1101815 漏洞类型 Input Validation Error 发布时间 2002-06-28 更新时间 2002-06-28 CVE编号 N/A C…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享