header-logo
Suggest Exploit
vendor:
Reptile
by:
SecurityFocus
5
CVSS
MEDIUM
Remote Denial of Service
399
CWE
Product Name: Reptile
Affected Version From: Reptile
Affected Version To: Reptile
Patch Exists: No
Related CWE: N/A
CPE: a:reptile:reptile
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

Reptile Remote Denial of Service Vulnerability

Reptile is vulnerable to a remote denial of service attack due to the server not timing out on incomplete requests. An attacker can exploit this vulnerability by sending incomplete GET requests to the webserver, such as 'GET index.htm' without specifying the HTTP* at the end of the request.

Mitigation:

Time out requests after a certain period of time.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/9482/info

Reptile has been reported prone to a remote denial of service vulnerability. It has been reported that this issue exists because the affected server does not time out on incomplete requests. A remote attacker may exploit this vulnerability to deny service to legitimate users. 

To test the vulnerability simply send to the webserver some (about 10)
strings like:

GET index.htm

without specify the HTTP* at the end of the GET request, and where
the requested file must be avaible in the public_html directory.

Navigation

Suggest Exploit

Services By CQR