PT-2016-7778 · Boa · Boa Web Server
Published: 2016-11-30 · Updated: 2024-02-14 · CVE-2016-9564
CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Boa Webserver version 0.92r
Description
The issue is a buffer overflow in the send_redirect() function. Remote attackers can trigger it with an HTTP GET request for a long URI consisting only of '/' and '.' characters, causing a denial of service (DoS).
Recommendations
For Boa Webserver version 0.92r, consider restricting access to the send_redirect() function until a patch is available. As a temporary workaround, limit the length of URIs that the server will process to prevent the buffer overflow.
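The URI-length workaround above, sketched as a request-line pre-check for a filter placed in front of the server (an added example, not Boa's code or a vendor patch). The function name, the verdict names and both limits are assumptions; the advisory does not state the size of the buffer involved.

```c
#include <stdio.h>
#include <string.h>

enum uri_verdict { URI_OK, URI_MALFORMED, URI_TOO_LONG, URI_DOT_SLASH_ONLY };

/* Classify the target of one HTTP request line ("METHOD SP target SP HTTP/x.y").
 * max_uri_len:   hard cap on the target length (assumed policy value).
 * max_dot_slash: longest target made only of '/' and '.' that is still allowed
 *                (assumed policy value). Only origin-form targets starting
 *                with '/' are accepted; anything else is reported malformed. */
enum uri_verdict check_request_line(const char *line, size_t max_uri_len,
                                    size_t max_dot_slash)
{
    const char *sp = strchr(line, ' ');
    if (sp == NULL || sp == line)
        return URI_MALFORMED;              /* no method or no target */

    const char *uri = sp + 1;
    size_t len = strcspn(uri, " \r\n");    /* target ends at SP or line end */
    if (len == 0 || uri[0] != '/')
        return URI_MALFORMED;
    if (len > max_uri_len)
        return URI_TOO_LONG;

    /* Leading run of '/' and '.'; equal to len when the target has nothing else. */
    size_t run = strspn(uri, "/.");
    if (run == len && len > max_dot_slash)
        return URI_DOT_SLASH_ONLY;
    return URI_OK;
}

int main(void)
{
    /* Constructed sample request lines, not captured traffic. */
    const char *samples[] = {
        "GET /index.html HTTP/1.0\r\n",
        "GET /./ HTTP/1.0\r\n",
        "GET /../../../../ HTTP/1.0\r\n",
        "GET /aaaaaaaaaaaaaaaaaaaaaaaa HTTP/1.0\r\n",
        "GET\r\n",
    };
    static const char *names[] = { "ok", "malformed", "too-long", "dot-slash-only" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-16s %s", names[check_request_line(samples[i], 16, 8)], samples[i]);
    return 0;
}
```

The sample limits (16 and 8) are deliberately small so the constructed lines exercise every verdict; a deployment would pick values that fit its legitimate URLs.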
Affected Products
Boa Web Server