Reptile Web Server HTTP GET request denial of service
|reptilewebserver-get-dos (14932)||Medium Risk|
Reptile Web Server is vulnerable to a denial of service. A remote attacker can send multiple HTTP GET requests for a file that exists on the server without including the HTTP version string to cause Reptile to consume a majority of the CPU resources.
Denial of Service
No remedy available as of August 1, 2014.
- BugTraq Mailing List, Sat Jan 24 2004 - 11:41:40 CST : Resources consumption in Reptile webserver daily version.
- BID-9482: Reptile Web Server Remote Denial Of Service Vulnerability
- CVE-2004-2120: Reptile Web Server allows remote attackers to cause a denial of service (CPU consumption) via multiple incomplete GET requests without the HTTP version.
- OSVDB ID: 34293: Reptile Web Server Malformed GET Request DoS
- SECTRACK ID: 1008842: Reptile Web Server HTTP Request Flaw Lets Remote Users Deny Service
- Reptile Web Server Reptile Web Server
Jan 25, 2004
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email ignore thisxforceignore this@ignore thisus.ignore thisibm.comignore this