header-logo
Suggest Exploit
vendor:
Ultraboard
by:
SecurityFocus
7.5
CVSS
HIGH
Denial of Service
400
CWE
Product Name: Ultraboard
Affected Version From: 1.6
Affected Version To: Ultraboard 2000
Patch Exists: YES
Related CWE: N/A
CPE: cpe:a:ultraboard:ultraboard
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

UltraBoard 1.6 Denial of Service

A remote user is able to expend all of the available resources of the webserver by using a specially-devised request to the CGI. This request causes a fork, which will then consume the processor time and memory of the server.

Mitigation:

Upgrade to the latest version of UltraBoard.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/1175/info

UltraBoard 1.6 (and possibly all 1.x versions and the new beta Ultraboard 2000) are vulnerable to this Denial of Service attack.

A remote user is able to expend all of the available resources of the webserver by using a specially-devised request to the CGI. This request causes a fork, which will then consume the processor time and memory of the server.

http:://target/ultraboard.pl?request=Session=../UltraBoard.pl%00%7c

Navigation

Suggest Exploit

Services By CQR