PT-2001-1840 · Orange · Orange Web Server
Publicado
2001-08-06
·
Atualizado
2008-09-05
·
CVE-2001-0647
CVSS v2.0
5.0
Média
| Vetor | AV:N/AC:L/Au:N/C:N/I:N/A:P |
Name of the Vulnerable Software and Affected Versions:
Orange Web Server version 2.1
Description:
The issue allows a remote attacker to perform a denial of service via an HTTP GET request that does not include the HTTP version. This can be achieved by sending a malformed request to the affected server.
Recommendations:
For Orange Web Server version 2.1, consider implementing a workaround to handle HTTP requests without version specification, such as configuring the server to reject or properly handle such requests until a patch is available.
Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Orange Web Server