CVE-2002-0099

Name of the Vulnerable Software and Affected Versions Michael Lamont Savant Web Server version 3.0

Description The issue allows remote attackers to cause a denial of service, resulting in a crash, by sending a long HTTP request to the "cgi-bin" directory. This request must contain a CGI program name with a large number of . (dot) characters.

Recommendations For Michael Lamont Savant Web Server version 3.0, consider restricting access to the cgi-bin directory or limiting the length of HTTP requests to prevent exploitation until a fix is available. As a temporary workaround, avoid using CGI program names with a large number of . characters in the cgi-bin directory.