| VID |
22384 |
| Severity |
30 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
WWW |
| Detailed Description |
The WindWeb Web Server, according to its banner, has a remote denial of service vulnerability. WindWeb Web server is a HTTP server created for managing ethernet routers and ADSL modems. Hasbani/WindWeb Web Server version 2.0 and earlier versions are vulnerable to a remote denial of service vulnerability via specially crafted GET requests. A remote attacker could exploit this vulnerability to deny access to the web server to legitimate users.
* Note: This check solely relied on the banner of the remote Web server to assess this vulnerability, so this might be a false positive.
* References:
http://www.x0n3-h4ck.org/index.php?name=news&article=92
http://downloads.securityfocus.com/vulnerabilities/exploits/Hasbani_dos.c
http://www.securiteam.com/exploits/6Y00V00EAM.html
http://www.osvdb.org/displayvuln.php?osvdb_id=20447
* Platforms Affected:
Hasbani/WindWeb Web Server version 2.0 and earlier versions
Router / Modem Any version |
| Recommendation |
No upgrade or patch available as of June 2014.
Limit access to the affected Web server. |
| Related URL |
CVE-2005-3475 (CVE) |
| Related URL |
15225 (SecurityFocus) |
| Related URL |
(ISS) |
|
