Overview
HAHTsite Scenario Server fails to properly handle HTTP requests containing an overly long "project name".
Description
HAHTsite Scenario Server is an e-Business platform that consists of a web application server and web development environment. There is a buffer overflow vulnerability in the way HAHTsite Scenario Server processes incoming HTTP requests. By supplying a specially crafted HTTP request containing an overly long "project name", a remote, unauthenticated attacker could cause the HAHTsite Scenario Server process to crash or potentially execute code of the attacker's choice. |
Impact
A remote, unauthenticated attacker could cause the HAHTsite Scenario Server process to crash or potentially execute code of the attacker's choice. |
Solution
Upgrade HAHT has published a fix to address this issue. For information on obtaining this fix, please refer to HAHT Knowledge Base Article ID: 20030010. |
Vendor Information
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | ||
| Temporal | ||
| Environmental |
References
Acknowledgements
This vulnerability was reported by Dennis Rand.
This document was written by Damon Morda.
Other Information
| CVE IDs: | None |
| Severity Metric: | 10.75 |
| Date Public: | 2004-04-02 |
| Date First Published: | 2004-04-14 |
| Date Last Updated: | 2004-04-14 21:39 UTC |
| Document Revision: | 12 |