HTTP: Xerver NULL Char Injection In URI
This signature detects attempts to exploit a known vulnerability in the Xerver 4.32. A successful attack can lead to source code disclosure, which can aid the attacker in performing a more sophisticated attack on the victim's system.
Extended Description
Xerver is prone to multiple vulnerabilities including source code disclosure, denial of service, security bypass, and directory-traversal issues. Successfully exploiting these issues may allow an attacker to disclose sensitive information, bypass certain security-restrictions, perform denial-of-service attacker or execute arbitrary binaries. These issues affect Xerver versions up to and including 4.32.
Affected Products
Xerver xerver
References
BugTraq: 42110
Short Name
HTTP:EXPLOIT:XERVER-NULL-INJ
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Char In Injection NULL URI Xerver bid:42110
Release Date
08/09/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Xerver