Vulnerability Details CVE-2005-2806
client.cpp in BNBT EasyTracker 7.7r3.2004.10.27 and earlier allows remote attackers to cause a denial of service (application hang) via an HTTP header containing only a ":" (colon), possibly leading to an integer signedness error due to a missing field name or value.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.011
EPSS Ranking 77.5%
CVSS Severity
CVSS v2 Score 5.0
References
- http://marc.info/?l=bugtraq&m=112542080127451&w=2
- http://secunia.com/advisories/16613/
- http://secway.org/advisory/AD20050830.txt
- http://www.securityfocus.com/bid/14700
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22058
- http://marc.info/?l=bugtraq&m=112542080127451&w=2
- http://secunia.com/advisories/16613/
- http://secway.org/advisory/AD20050830.txt
- http://www.securityfocus.com/bid/14700
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22058
Products affected by CVE-2005-2806
-
cpe:2.3:a:trevor_hogan:bnbt:7.5_beta_release2
-
cpe:2.3:a:trevor_hogan:bnbt:7.5_beta_release3
-
cpe:2.3:a:trevor_hogan:bnbt:7.7_2004-10-27_r3