Vulnerability Description
Fastream NETFile Server 7.1.2 does not properly handle keep-alive connection timeouts and does not close the connection after a HEAD request, which allows remote attackers to perform a denial of service (connection consumption) by sending a large number HTTP HEAD requests.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Fastream | Netfile Server | 6.5.1.980 |
References
- http://secunia.com/advisories/13268PatchVendor Advisory
- http://securitytracker.com/id?1012267
- http://users.pandora.be/bratax/advisories/b003.html
- http://www.osvdb.org/12101
- http://www.securityfocus.com/bid/11687
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18192
- http://secunia.com/advisories/13268PatchVendor Advisory
- http://securitytracker.com/id?1012267
- http://users.pandora.be/bratax/advisories/b003.html
- http://www.osvdb.org/12101
- http://www.securityfocus.com/bid/11687
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18192
FAQ
What is CVE-2004-2534?
CVE-2004-2534 is a vulnerability with a CVSS score of 7.8 (HIGH). Fastream NETFile Server 7.1.2 does not properly handle keep-alive connection timeouts and does not close the connection after a HEAD request, which allows remote attackers to perform a denial of servi...
How severe is CVE-2004-2534?
CVE-2004-2534 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-2534?
Check the references section above for vendor advisories and patch information. Affected products include: Fastream Netfile Server.