Sami HTTP Server Multiple Remote Vulnerabilities

medium Nessus Plugin ID 16468

Synopsis

The remote server is affected by several flaws.

Description

The remote host seems to be running Sami HTTP Server, an HTTP server for Windows.

The remote version of this software contains multiple vulnerabilities. Sami HTTP server is vulnerable to a denial of service attack. An attacker can exploit this flaw by sending '\r\n\r\n' string.

Sami HTTP server is vulnerable to a directory traversal attack. An attacker may exploit this flaw to gain access to sensitive data like password files.

Solution

Sami HTTP Server is not supported any more. Use another web server.

Plugin Details

Severity: Medium

ID: 16468

File Name: samihttp_1_0_5.nasl

Version: 1.12

Type: remote

Family: Web Servers

Published: 2/16/2005

Updated: 8/8/2018

Supported Sensors: Nessus

Vulnerability Information

Exploit Available: true

Exploit Ease: No exploit is required

Vulnerability Publication Date: 2/15/2005

Reference Information

BID: 12559