Apache before 2.0.44, when running on unpatched Windows 9x and Me operating systems, allows remote attackers to cause a denial of service or execute arbitrary code via an HTTP request containing MS-DOS device names.

The remote host is running a version of Apache2 for Win32 which is older than 2.0.44. There are several flaws pre-2.0.44 which may allow an attacker to crash this host or even execute arbitrary code remotely. However, these bugs only affect WindowsME and Windows9x.

The remote host appears to be running a version of Apache for Windows that is older than 2.0.44.

There are several flaws in this version that allow an attacker to crash this host or even execute arbitrary code remotely, but it only affects WindowsME and Windows9x.

*** Note that Nessus solely relied on the version number
*** of the remote server to issue this warning. This might
*** be a false positive.

It was possible to freeze or reboot Windows by reading a MS/DOS device through HTTP, using a file name like CON\CON, AUX.htm, or AUX. An attacker could exploit this flaw to deny service to the affected system.

ID	Name	Product	Family	Severity
1497	Apache < 2.0.44 MS-DOS Device Name DoS / Code Execution	Nessus Network Monitor	Web Servers	high
11209	Apache < 2.0.44 DOS Device Name Multiple Remote Vulnerabilities (Code Exec, DoS)	Nessus	Web Servers	high
10930	Multiple Web Server on Windows MS/DOS Device Request Remote DOS	Nessus	Web Servers	medium
800550	Apache < 2.0.44 MS-DOS Device Name DoS / Code Execution	Log Correlation Engine	Web Servers	high

Detections

Analytics

CVE-2003-0016

critical

Tenable Plugins

high

high

medium

high