Published: 10/11/2006 Updated: 17/10/2018

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 760

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Stack-based buffer overflow in Essentia Web Server 2.15 for Windows allows remote malicious users to execute arbitrary code via a long URI, as demonstrated by a GET or HEAD request. NOTE: some of these details are obtained from third party information.

Vulnerable Product	Search on Vulmon	Subscribe to Product
essen essentia web server 2.15

#!/usr/bin/perl use IO::Socket; use Getopt::Std; getopts('h:', \%args); if (defined($args{'h'})) { $host = $args{'h'}; } print STDERR "\n-=[ Essentia Web Server 215 Remote DOS Exploit]=-\n"; print STDERR "-=[ Discovered By CorryL corryl80@gmailcom ]=-\n"; print STDERR "-=[ Coded by CorryL info:wwwx0n3-h4ckorg ]=-\n\n"; if ...

source: wwwsecurityfocuscom/bid/4159/info Essentia Web Server is a multi-threaded HTTP server designed for Microsoft Windows and Linux environments Essentia is maintained by Essen Essentia is prone to a remote denial of service This condition may be triggered by submitting an excessively long URL (2000+ bytes) Successful exploitation ...

NVD-CWE-Other http://lists.grok.org.uk/pipermail/full-disclosure/2006-November/050537.html http://www.securityfocus.com/bid/20910 http://secunia.com/advisories/22718 http://securityreason.com/securityalert/1846 http://www.vupen.com/english/advisories/2006/4384 https://exchange.xforce.ibmcloud.com/vulnerabilities/30049 https://www.exploit-db.com/exploits/2716 http://www.securityfocus.com/archive/1/451382/100/200/threaded http://www.securityfocus.com/archive/1/451115/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/2716/

CVE-2006-5850

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect