CVE-2004-2534

Name of the Vulnerable Software and Affected Versions Fastream NETFile Server version 7.1.2

Description The issue allows remote attackers to perform a denial of service by consuming connections, which occurs when the software fails to handle keep-alive connection timeouts and does not close the connection after a HEAD request. This can be exploited by sending a large number of HTTP HEAD requests.

Recommendations For Fastream NETFile Server version 7.1.2, consider implementing measures to handle keep-alive connection timeouts properly and ensure connections are closed after a HEAD request to prevent connection consumption. As a temporary workaround, consider restricting the number of concurrent connections or implementing rate limiting on HTTP HEAD requests until a patch is available.