CVE-2004-2534

Fastream NETFile Server 7.1.2 - DoS

Title source: llm

Description

Fastream NETFile Server 7.1.2 does not properly handle keep-alive connection timeouts and does not close the connection after a HEAD request, which allows remote attackers to perform a denial of service (connection consumption) by sending a large number HTTP HEAD requests.

Exploits (1)

exploitdb WORKING POC VERIFIED

by karak0rsan · perldoswindows

https://www.exploit-db.com/exploits/1220

View Code ZIP pw:eip

References (6)

[Various Sources] http://users.pandora.be/bratax/advisories/b003.html

[Third Party Advisory, VDB Entry] http://www.osvdb.org/12101

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/18192

[Patch, Vendor Advisory] http://secunia.com/advisories/13268

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/11687

[Third Party Advisory, VDB Entry] http://securitytracker.com/id?1012267

Scores

EPSS 0.0736

EPSS Percentile 91.7%

Details

Status published

Products (7)

fastream/netfile_server 6.5.1.980

fastream/netfile_server 6.5.1.981

fastream/netfile_server 6.7.2.1085

fastream/netfile_server 6.7.3

fastream/netfile_server 6.7.5

fastream/netfile_server 7.1

fastream/netfile_server 7.1.2 (2 CPE variants)

Published Dec 31, 2004

Tracked Since Feb 18, 2026