HomePentest-Tools.com Logo

H2O HTTP Server DoS Vulnerability CVE-2016-7835

Severity
CVSSv3 Score
9.1
Vulnerability description

H2O HTTP Server is prone to a denial of service vulnerability.

Risk description

A use-after-free vulnerability exists in H2O that can be used by a remote attacker to execute DoS attacks or information theft An unauthenticated remote attacker may cause a DoS condition or obtain arbitrary information which may include the server certificates private keys, depending on the softwares settings.

Recommendation

Update to version 2.0.5, 2.1.0-beta4 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Jun 9, 2017
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available