CVE-2008-6520

CVE-2008-6520 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Multiple format string vulnerabilities in the SSI filter in Xitami Web Server 2.5c2, and possibly other versions, allow remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via format string specifiers in a URI that ends in (1) .ssi, (2) .shtm, or (3) .shtml, which triggers incorrect logging code involving the sendfmt function in the SMT kernel.

Learn more about our Web App Pen Testing.