Vulnerabilities > CVE-2001-0391 - Unspecified vulnerability in Imatix Xitami 2.4D7/2.5D4
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
Xitami 2.5d4 and earlier allows remote attackers to crash the server via an HTTP request to the /aux directory.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Nessus
| NASL family | Web Servers |
| NASL id | HTTP_W98_DEVNAME_DOS.NASL |
| description | It was possible to freeze or reboot Windows by reading a MS/DOS device through HTTP, using a file name like CON\CON, AUX.htm, or AUX. An attacker could exploit this flaw to deny service to the affected system. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 10930 |
| published | 2002-03-29 |
| reporter | This script is Copyright (C) 2002-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/10930 |
| title | Multiple Web Server on Windows MS/DOS Device Request Remote DOS |