Xlight 1.52 Denial of Service Vulnerability via Long Directory Request

Xlight 1.52 Denial of Service Vulnerability via Long Directory Request

CVE-2004-0255 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

Xlight 1.52, with log to screen enabled, allows remote attackers to cause a denial of service by requesting a long directory consisting of . (dot) and / (slash) characters, which causes the server to crash when the administrator views the log file, possibly triggering a buffer overflow.

Learn more about our Cis Benchmark Audit For Server Software.