header-logo
Suggest Exploit
vendor:
DiGi WWW Server
by:
Unknown
7.5
CVSS
HIGH
Denial of Service
Unknown
CWE
Product Name: DiGi WWW Server
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: NO
Related CWE: Unknown
CPE: a:digi:www_server
Metasploit:
Other Scripts:
Platforms Tested:
Unknown

DiGi WWW Server Remote Denial of Service Vulnerability

The DiGi WWW Server is vulnerable to a remote denial of service attack. This vulnerability can be exploited by sending a malformed HTTP GET request to the server, causing the web server process to consume excessive CPU resources. An example of a malicious request is: GET ///[660Kb of /]/// HTTP/1.1

Mitigation:

No known mitigation or remediation is currently available for this vulnerability. It is recommended to apply patches or updates from the vendor when they become available.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/10228/info

The DiGi WWW Server has been reported to contain a remote denial of service vulnerability. It has been reported that when the server receives a malformed HTTP GET request, the web server process will consume large amounts of CPU resources.

Since this is a web server application, this leads to a remotely exploitable denial of service vulnerability.

GET ///[660Kb of /]/// HTTP/1.1

to a vulnerable server would demonstrate the effect.

Navigation

Suggest Exploit

Services By CQR