WebsitePro <2.5 HTTP GET Request Remote Overflow

high Nessus Network Monitor Plugin ID 1449

Synopsis

The remote host is vulnerable to an overflow.

Description

The remote Web server is a version of WebSitePro which is older than v2.5. There are several buffer overflows in all the releases of WebSitePro older than 2.5. An attacker may exploit them to execute arbitrary code on this host or simply to disable this service

Solution

Upgrade to WebSitePro 2.5 or higher.

See Also

http://archives.neohapsis.com/archives/bugtraq/2000-07/0271.html

Plugin Details

Severity: High

ID: 1449

Family: Web Servers

Published: 8/20/2004

Updated: 3/6/2019

Nessus ID: 10476

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: High

Base Score: 7.3

Temporal Score: 6.4

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:oreilly:website_professional

Reference Information

CVE: CVE-2000-0623

BID: 1492