CVE-2003-1569
GoAhead WebServer < 2.1.5 - Denial of Service via Device Name Path Component
Title source: llmDescription
GoAhead WebServer before 2.1.5 on Windows 95, 98, and ME allows remote attackers to cause a denial of service (daemon crash) via an HTTP request with a (1) con, (2) nul, (3) clock$, or (4) config$ device name in a path component, different vectors than CVE-2001-0385.
References (1)
Core 1
Core References
Various Sources x_refsource_confirm
http://data.goahead.com/Software/Webserver/2.1.8/release.htm#windows-95-98-me-aux-denial-of-service
Scores
EPSS
0.0112
EPSS Percentile
62.3%
Details
CWE
CWE-20
Status
published
Products (6)
goahead/goahead_webserver
2.0
goahead/goahead_webserver
2.1
goahead/goahead_webserver
2.1.1
goahead/goahead_webserver
2.1.2
goahead/goahead_webserver
2.1.3
goahead/goahead_webserver
< 2.1.4
Published
Feb 06, 2009
Tracked Since
Feb 18, 2026