Vulnerabilities > CVE-2004-2496

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
nessus
exploit available

Summary

The HTTP daemon in OpenText FirstClass 7.1 and 8.0 allows remote attackers to cause a denial of service (service availability loss) via a large number of POST requests to /Search.

Vulnerable Configurations

Part Description Count
Application
Opentext
2

Exploit-Db

descriptionOpenText FirstClass 8.0 HTTP Daemon /Search Remote DoS. CVE-2004-2496. Dos exploit for windows platform
idEDB-ID:687
last seen2016-01-31
modified2004-12-15
published2004-12-15
reporterdila
sourcehttps://www.exploit-db.com/download/687/
titleOpenText FirstClass 8.0 HTTP Daemon /Search Remote DoS

Nessus

NASL familyWeb Servers
NASL idFIRSTCLASS_HTTP_DOS.NASL
descriptionThe remote host is running OpenText FirstClass, a web-based unified messaging system. The remote version of this software is vulnerable to an unspecified denial of service attack that could allow an attacker to disable this service remotely.
last seen2020-06-01
modified2020-06-02
plugin id15934
published2004-12-11
reporterThis script is Copyright (C) 2004-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/15934
titleOpenText FirstClass HTTP Daemon /Search Large Request Remote DoS
code
#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if(description)
{
 script_id(15934);
 script_version ("1.17");
 script_cve_id("CVE-2004-2496");
 script_bugtraq_id(11877);
 
 script_name(english:"OpenText FirstClass HTTP Daemon /Search Large Request Remote DoS");
 
 script_set_attribute(attribute:"synopsis", value:
"The remote web server is susceptible to a denial of service attack." );
 script_set_attribute(attribute:"description", value:
"The remote host is running OpenText FirstClass, a web-based unified
messaging system. 

The remote version of this software is vulnerable to an unspecified
denial of service attack that could allow an attacker to disable this
service remotely." );
 script_set_attribute(attribute:"see_also", value:"https://seclists.org/fulldisclosure/2004/Dec/338" );
 script_set_attribute(attribute:"solution", value:
"Upgrade to a version newer than FirstClass OpenText 8.0.0." );
 script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
 script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
 script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
 script_set_attribute(attribute:"exploit_available", value:"true");


 script_set_attribute(attribute:"plugin_publication_date", value: "2004/12/11");
 script_set_attribute(attribute:"vuln_publication_date", value: "2004/12/14");
 script_cvs_date("Date: 2018/11/15 20:50:25");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_end_attributes();

 
 script_summary(english:"Checks for FirstClass");
 script_category(ACT_GATHER_INFO);
 script_copyright(english:"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.");
 script_family(english:"Web Servers");
 script_dependencie("find_service1.nasl", "http_version.nasl");
 script_require_ports("Services/www", 80);
 exit(0);
}

#
# The script code starts here
#
include("global_settings.inc");
include("misc_func.inc");
include("http.inc");

port = get_http_port(default:80);

banner = get_http_banner(port:port);
if(banner)
{ 
  if(egrep(pattern:"^Server: FirstClass/([0-7]\.|8\.0[^0-9])", string:banner))
   	security_hole(port);
}