20100512

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

eterna

NVD

Published: 2010-08-02

Updated: 2017-08-17

Summary

bozotic HTTP server (aka bozohttpd) 20090522 through 20100512 allows attackers to cause a denial of service via vectors related to a "wrong code generation interaction with GCC." Per: http://www.eterna.com.au/bozohttpd/ 'please note that a bozohttpd versions 20090522 to 20100512, inclusive, have a serious wrong code generation interaction with GCC that has been fixed in the 20100617 release. any one using these versions should upgrade to the 20100617 release, or newer.'

Vulnerable Configurations

Part	Description	Count
Application	Eterna Eterna Bozohttpd 20090522 Eterna Bozohttpd 20100509 Eterna Bozohttpd 20100512	3

References

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=590298
http://security-tracker.debian.org/tracker/CVE-2010-2195
http://www.eterna.com.au/bozohttpd
http://www.eterna.com.au/bozohttpd/CHANGES
https://exchange.xforce.ibmcloud.com/vulnerabilities/60876