Nessus Plugin #10930
Plugin Index
Note: This file has been created from a
downloaded version of the Nessus Plugins
from
http://www.nessus.org/.
Therefore, the information here can be outdated.
HTTP Windows 98 MS/DOS device names DOS
- Family:
- Denial of Service
- Category:
- kill_host
- Copyright:
- This script is Copyright (C) 2001 Michel Arboi
- Summary:
- Crashes Windows 98
- Version:
- $Revision: 1.22 $
- Cve_id:
- CVE-2001-0386, CVE-2001-0493, CAN-2001-0391, CVE-2001-0558, CAN-2002-0200, CVE-2000-0168, CAN-2003-0016, CAN-2001-0602
- Bugtraq_id:
- 1043, 2575, 2608, 2622, 2649, 2704, 3929, 6659, 6662
- Xrefs:
- -
- Description:
It was possible to freeze or reboot Windows by
reading a MS/DOS device through HTTP, using
a file name like CON\CON, AUX.htm or AUX.
A cracker may use this flaw to make your
system crash continuously, preventing
you from working properly.
Solution : upgrade your system or use a
HTTP server that filters those names out.
Risk factor : High
Generiert am 27.04.2005 um 18:49:54 Uhr.