vendor:
httpdx
by:
st3n
7,8
CVSS
HIGH
Denial of Service
400
CWE
Product Name: httpdx
Affected Version From: 1.5.4
Affected Version To: 1.5.4
Patch Exists: YES
Related CWE: N/A
CPE: a:httpdx:httpdx:1.5.4
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: WinXP SP3
2012
httpdx v1.5.4 Remote HTTP Server DoS (using wildcards)
A denial of service vulnerability exists in httpdx v1.5.4 due to improper handling of wildcards in HTTP requests. An attacker can send a specially crafted HTTP request with a large number of wildcards to cause a denial of service condition. This vulnerability can be exploited remotely without authentication.
Mitigation:
Upgrade to the latest version of httpdx.
