Vulnerabilities > CVE-2003-1510 - Unspecified vulnerability in RIT Research Labs Tinyweb 1.9

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
rit-research-labs
nessus
NVD
Published: 2003-12-31
Updated: 2024-11-20

Summary

TinyWeb 1.9 allows remote attackers to cause a denial of service (CPU consumption) via a ".%00." in an HTTP GET request to the cgi-bin directory.

Vulnerable Configurations

Part Description Count
Application
Rit_Research_Labs
1

Nessus

NASL familyWeb Servers
NASL idTINYWEB.NASL
descriptionAccording to its banner, the remote version of TinyWeb has a denial of service vulnerability. Issuing a specially crafted GET request similar to : GET /cgi-bin/.%00./dddd.html can cause the server to consume large amounts of CPU time.
last seen2020-06-01
modified2020-06-02
plugin id11894
published2003-10-16
reporterThis script is Copyright (C) 2003-2018 Matt North
sourcehttps://www.tenable.com/plugins/nessus/11894
titleTinyWeb cgi-bin Crafted HTTP GET Request DoS
code
#

# Changes by Tenable:
# - Revised plugin title, output formatting, family change (9/3/09)

include("compat.inc");

if(description)
{
 script_id(11894);
 script_version("1.16");
 script_cve_id("CVE-2003-1510");
 script_bugtraq_id(8810);
 
 script_name(english:"TinyWeb cgi-bin Crafted HTTP GET Request DoS");

 script_set_attribute(
   attribute:"synopsis",
   value:"The remote web server has a denial of service vulnerability."
 );
 script_set_attribute(
   attribute:"description",
   value:
"According to its banner, the remote version of TinyWeb has a denial
of service vulnerability.  Issuing a specially crafted GET request
similar to :

  GET /cgi-bin/.%00./dddd.html

can cause the server to consume large amounts of CPU time."
 );
 script_set_attribute(
   attribute:"solution",
   value:"Contact the vendor for a patch."
 );
 script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
 script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
 script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
 script_set_attribute(attribute:"exploit_available", value:"false");
 script_set_attribute(attribute:"plugin_publication_date", value: "2003/10/16");
 script_set_attribute(attribute:"vuln_publication_date", value: "2003/10/10");
 script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/12");
 script_set_attribute(attribute:"plugin_type", value:"remote");
 script_end_attributes();

 script_summary(english:"Checks for version of TinyWeb");
 script_category(ACT_GATHER_INFO);
 script_copyright(english:"This script is Copyright (C) 2003-2020 Matt North");
 script_family(english:"Web Servers");
 script_dependencie("find_service1.nasl", "http_version.nasl");
 script_require_ports("Services/www", 80);
 exit(0);
}

include("http_func.inc");

port = get_http_port(default:80, embedded:TRUE);


if(get_port_state(port)) {
        ban = get_http_banner(port: port);
        if(!ban) exit(0);
        if(egrep(pattern:"^Server:.*TinyWeb/(0\..*|1\.[0-9]([^0-9]|$))",
		 string:ban))security_hole(port);
}

References