漏洞类别:Web server
漏洞等级:
漏洞信息
Viking Server is a Web server developed by Robotex. Several buffer overflows have been detected in this Web server.
A malicious user can crash the Viking Server by issuing a large "GET" request or setting one of the "Unless-Modified-Since", "If-Range", "If-Modified-Since" HTTP fields to a large value (approximately 15000 characters). All versions of Viking Web server through Version 1.06 (Release 371) are vulnerable.
漏洞危害
By exploiting this vulnerability, unauthorized users can either create a denial of service or execute arbitrary code on the Web server.
解决方案
Upgrade to the latest version of Viking Server, which is available for download from the Robtex Web site.
0day
文章评论