| VID |
12068 |
| Severity |
30 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
WWW |
| Detailed Description |
The OmniHTTPd Pro HTTP Server is vulnerable to a denial of service attack by a long POST URL request. OmniHTTPd is a compact HTTP server, developed by Omnicron Technologies for the Windows 9x and NT platforms. OmniHTTPd Pro version 2.08 is vulnerable to a denial of service attack caused by a buffer overflow when handling a long POST request. By sending a POST request that exceeds 4111 bytes in size, a remote attacker can cause the affected server to crash.
* References:
http://www.securiteam.com/windowsntfocus/5AP0H204AW.html
http://www.osvdb.org/displayvuln.php?osvdb_id=1829
* Platforms Affected:
Omnicron Technologies, OmniHTTPd Pro 2.08
Microsoft Windows Any version |
| Recommendation |
No upgrade or patch available as of June 2014. Recommend that use another one. |
| Related URL |
CVE-2001-0613 (CVE) |
| Related URL |
2730 (SecurityFocus) |
| Related URL |
6540 (ISS) |
|
