CVE-2005-3475

Hasbani Web Server 2.0 - Denial of Service via Crafted HTTP GET Request

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-3475. PoCs published by Expanders.

AI-analyzed exploit summary This exploit targets a denial-of-service (DoS) vulnerability in Hasbani-WindWeb/2.0 by sending a crafted HTTP GET request with a long string of '../' sequences. The exploit causes the server to enter an endless loop, leading to a crash of the HTTP daemon.

Description

Hasbani Web Server (WindWeb) 2.0 allows remote attackers to cause a denial of service (infinite loop) via HTTP crafted GET requests.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Expanders · cdoshardware
https://www.exploit-db.com/exploits/1274

This exploit targets a denial-of-service (DoS) vulnerability in Hasbani-WindWeb/2.0 by sending a crafted HTTP GET request with a long string of '../' sequences. The exploit causes the server to enter an endless loop, leading to a crash of the HTTP daemon.

Classification
Working Poc 95%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Hasbani-WindWeb/2.0
No auth needed
Prerequisites: Network access to the target HTTP server
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/15225
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/20447
Third Party Advisory mailing-list x_refsource_fulldisc
http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0572.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/24657

Scores

EPSS 0.0828
EPSS Percentile 94.2%

Details

Status published
Products (1)
hasbani_web_server/hasbani_web_server 2.0
Published Nov 03, 2005
Tracked Since Feb 18, 2026