Vulnerabilities > CVE-2003-1510 - Remote Denial of Service vulnerability in RIT Research Labs Tinyweb 1.9
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE Summary
TinyWeb 1.9 allows remote attackers to cause a denial of service (CPU consumption) via a ".%00." in an HTTP GET request to the cgi-bin directory.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Nessus
NASL family | Web Servers |
NASL id | TINYWEB.NASL |
description | According to its banner, the remote version of TinyWeb has a denial of service vulnerability. Issuing a specially crafted GET request similar to : GET /cgi-bin/.%00./dddd.html can cause the server to consume large amounts of CPU time. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 11894 |
published | 2003-10-16 |
reporter | This script is Copyright (C) 2003-2018 Matt North |
source | https://www.tenable.com/plugins/nessus/11894 |
title | TinyWeb cgi-bin Crafted HTTP GET Request DoS |
code |
|