Exploit GNU Zebra 0.9x / Quagga 0.96 - Remote Denial of Service

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
23375
Проверка EDB
  1. Пройдено
Автор
JONNY ROBERTSON
Тип уязвимости
DOS
Платформа
LINUX
CVE
cve-2003-0795
Дата публикации
2003-11-12
Код:
source: https://www.securityfocus.com/bid/9029/info

It has been reported that Zebra, as well as Quagga, may be vulnerable to a remote denial of service vulnerability that may allow an attacker to cause the software to crash or hang. The issue is reported to occur if an attacker attempts to connect to the Zebra telnet management port while a password is enabled. The program will crash when attempting to dereference an invalid, possibly NULL, pointer.

All versions of GNU Zebra are said to be vulnerable to this issue. All versions of Quagga prior to 0.96.4 are also vulnerable. 

printf '\xff\xf0\xff\xf0\xff\xf0' | nc <host> <port>
 
Источник
www.exploit-db.com

Похожие темы