Vulnerabilities > CVE-2004-2316 - Denial Of Service vulnerability in Mbedthis Software AppWeb HTTP Server Empty Options Request

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

mbedthis-software

NVD

Published: 2004-12-31

Updated: 2017-07-11

Summary

Mbedthis AppWeb HTTP server before 1.0.2 allows remote attackers to cause a denial of service (crash) via a GET request containing an MS-DOS device name such as COM1.

Vulnerable Configurations

Part	Description	Count
Application	Mbedthis_Software Mbedthis Software Mbedthis Appweb Http Server *	1

References

http://secunia.com/advisories/10710/
http://www.securityfocus.com/bid/9494
https://exchange.xforce.ibmcloud.com/vulnerabilities/14926