BadBlue Webserver Connection Saturation Remote DoS

medium Nessus Network Monitor Plugin ID 2127

Synopsis

The remote host is vulnerable to a Denial of Service (DoS) attack.

Description

The remote host is running a version of BadBlue webserver that is reported to be vulnerable to a denial of service. Upon receiving approximatively 24 connections for the same IP address, BadBlue Webserver version up to 2.5 may stop responding to new incoming request as long as the attacker maintains the connections.

Solution

No solution is known at this time.

Plugin Details

Severity: Medium

ID: 2127

Family: Web Servers

Published: 8/18/2004

Updated: 3/6/2019

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS v3

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 4.3

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Temporal Vector: CVSS:3.0/E:H/RL:U/RC:X

Vulnerability Information

CPE: cpe:/a:working_resources_inc.:badblue

Reference Information

CVE: CVE-2004-1727

BID: 10983

Detections

Analytics