CVE-2000-0775 - Buffer overflow in RobTex Viking server earlier than 1.06-370 allows remote attackers to cause a den

CVE-2000-0775

Summary

Buffer overflow in RobTex Viking server earlier than 1.06-370 allows remote attackers to cause a denial of service or execute arbitrary commands via a long HTTP GET request, or long Unless-Modified-Since, If-Range, or If-Modified-Since headers.

References

http://www.robtex.com/viking/bugs.htm
http://www.securityfocus.com/bid/1614
http://www.securityfocus.com/templates/archive.pike?list=1&msg=399a01c01122$0d7f2310$0201a8c0@aviram

Vulnerable Configurations

cpe:2.3:a:robtex:viking_server:*:*:*:*:*:*:*:*
cpe:2.3:a:robtex:viking_server:*:*:*:*:*:*:*:*

CVSS

Base:	7.5 (as of 05-09-2008 - 20:21)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:P/A:P

refmap via4

bid	1614
bugtraq	20000828 [NT] Viking security vulnerabilities enable remote code execution (long URL, date parsing)
confirm	http://www.robtex.com/viking/bugs.htm

Last major update

05-09-2008 - 20:21

Published

20-10-2000 - 04:00

Last modified

05-09-2008 - 20:21