CVE-2004-1680 Information

Description

application.cgi in the Pingtel Xpressa handset running firmware 2.1.11.24 allows remote authenticated users to cause a denial of service (VxWorks OS crash) via a long HTTP GET request possibly triggering a buffer overflow.

Reference

http://secunia.com/advisories/12523 http://www.atstake.com/research/advisories/2004/a091304-2.txt http://www.securityfocus.com/bid/11161 https://exchange.xforce.ibmcloud.com/vulnerabilities/17346