ID

VAR-200208-0113


CVE

CVE-2002-0748


TITLE

LabVIEW Web Server Service denial vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200208-177

DESCRIPTION

LabVIEW Web Server 5.1.1 through 6.1 allows remote attackers to cause a denial of service (crash) via an HTTP GET request that ends in two newline characters, instead of the expected carriage return/newline combinations. A vulnerability has been reported in some versions of National Instruments LabVIEW for Linux and Microsoft Windows. LabVIEW includes an integrated HTTP server. If a malformed HTTP request is received, it is possible to crash the LabVIEW Web Server and LabVIEW itself. This condition occurs when an HTTP GET request is received and terminated with two new line characters, as opposed to the compliant carriage return / new line combination

Trust: 1.26

sources: NVD: CVE-2002-0748 // BID: 4577 // VULMON: CVE-2002-0748

AFFECTED PRODUCTS

vendor:national instrumentsmodel:labviewscope:eqversion:6.0

Trust: 1.6

vendor:national instrumentsmodel:labviewscope:eqversion:6.1

Trust: 1.6

vendor:national instrumentsmodel:labviewscope:eqversion:5.1.1

Trust: 1.6

vendor:nimodel:labviewscope:eqversion:6.1

Trust: 0.3

vendor:nimodel:labviewscope:eqversion:6.0

Trust: 0.3

vendor:nimodel:labviewscope:eqversion:5.1.1

Trust: 0.3

sources: BID: 4577 // CNNVD: CNNVD-200208-177 // NVD: CVE-2002-0748

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2002-0748
value: MEDIUM

Trust: 1.0

CNNVD: CNNVD-200208-177
value: MEDIUM

Trust: 0.6

VULMON: CVE-2002-0748
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2002-0748
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

sources: VULMON: CVE-2002-0748 // CNNVD: CNNVD-200208-177 // NVD: CVE-2002-0748

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2002-0748

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200208-177

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-200208-177

EXPLOIT AVAILABILITY

sources: VULMON: CVE-2002-0748

PATCH

title: - url:https://github.com/khulnasoft-labs/awesome-security

Trust: 0.1

sources: VULMON: CVE-2002-0748

EXTERNAL IDS

db:BIDid:4577

Trust: 2.0

db:OSVDBid:5119

Trust: 1.7

db:NVDid:CVE-2002-0748

Trust: 1.7

db:BUGTRAQid:20020423 LABVIEW WEB SERVER DOS VULNERABILITY

Trust: 0.6

db:XFid:8919

Trust: 0.6

db:CNNVDid:CNNVD-200208-177

Trust: 0.6

db:EXPLOIT-DBid:21413

Trust: 0.1

db:VULMONid:CVE-2002-0748

Trust: 0.1

sources: VULMON: CVE-2002-0748 // BID: 4577 // CNNVD: CNNVD-200208-177 // NVD: CVE-2002-0748

REFERENCES

url:http://digital.ni.com/public.nsf/websearch/4c3f86e655e5389886256ba00064b22f?opendocument

Trust: 2.0

url:http://archives.neohapsis.com/archives/bugtraq/2002-04/0323.html

Trust: 1.7

url:http://www.iss.net/security_center/static/8919.php

Trust: 1.7

url:http://www.securityfocus.com/bid/4577

Trust: 1.7

url:http://www.osvdb.org/5119

Trust: 1.7

url:http://sine.ni.com/apps/we/nioc.vp?cid=1381&lang=us

Trust: 0.3

url:https://cwe.mitre.org/data/definitions/.html

Trust: 0.1

url:http://tools.cisco.com/security/center/viewalert.x?alertid=3676

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://www.exploit-db.com/exploits/21413/

Trust: 0.1

sources: VULMON: CVE-2002-0748 // BID: 4577 // CNNVD: CNNVD-200208-177 // NVD: CVE-2002-0748

CREDITS

Published by Steve Zins <steve@iLabVIEW.com>.

Trust: 0.3

sources: BID: 4577

SOURCES

db:VULMONid:CVE-2002-0748
db:BIDid:4577
db:CNNVDid:CNNVD-200208-177
db:NVDid:CVE-2002-0748

LAST UPDATE DATE

2024-08-14T14:16:20.024000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2002-0748date:2008-09-05T00:00:00
db:BIDid:4577date:2002-04-19T00:00:00
db:CNNVDid:CNNVD-200208-177date:2005-05-02T00:00:00
db:NVDid:CVE-2002-0748date:2008-09-05T20:28:50.913

SOURCES RELEASE DATE

db:VULMONid:CVE-2002-0748date:2002-08-12T00:00:00
db:BIDid:4577date:2002-04-19T00:00:00
db:CNNVDid:CNNVD-200208-177date:2002-08-12T00:00:00
db:NVDid:CVE-2002-0748date:2002-08-12T04:00:00