dwhttpd < 4.2 GET Request Remote Format String (deprecated)

high Nessus Network Monitor Plugin ID 1506

Synopsis

The remote dwhttpd server is vulnerable to a format string attack.

Description

The remote dwhttpd server is vulnerable to a format string attack. An attacker may use this flaw to execute arbitrary code on this host, with the privileges of the dwhttpd web server

Solution

Upgrade to version 4.2 or higher.

Plugin Details

Severity: High

ID: 1506

Family: Web Servers

Published: 8/18/2004

Updated: 9/16/2018

Nessus ID: 11075

Reference Information

BID: 5384

Detections

Analytics