Intrusion Prevention

HTTP.If.Modified.Since.Header.Too.Long

Description

This indicates a vulnerability in iMatix Xitami Web Server 2.5c2. This vulnerability is caused by a stack overflow during handling of an excessively long "If-Modified-Since:" field in the http header. It allows remote attackers to execute arbitrary code by sending an http request with a specific header.

Affected Products

Xitami version 2.5c2 and prior.

Impact

System compromise, remote code execution.

Recommended Actions

Currently we are not aware of any official fix for this issue.

CVE References

CVE-2007-5067