CVE-2000-0898
UnknownEPSS 1.22%
Last modified
CVE-2000-0898 is a vulnerability of currently unknown severity. Small HTTP Server 2.01 does not properly process Server Side Includes (SSI) tags that contain null values, which allows local users, and possibly remote attackers, to cause the server to crash by inserting the SSI into an HTML file.. EPSS estimates a 1.22% chance of exploitation in the next 30 days.
Description
Small HTTP Server 2.01 does not properly process Server Side Includes (SSI) tags that contain null values, which allows local users, and possibly remote attackers, to cause the server to crash by inserting the SSI into an HTML file.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Max Feoktistov | Small Http Server | 2.01 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2000-0898?
Small HTTP Server 2.01 does not properly process Server Side Includes (SSI) tags that contain null values, which allows local users, and possibly remote attackers, to cause the server to crash by inserting the SSI into an HTML file.
How severe is CVE-2000-0898?
Severity scoring for CVE-2000-0898 is pending analysis. The EPSS model estimates a 1.22% probability of exploitation in the next 30 days.
How do I fix CVE-2000-0898?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2000-0898?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST