Surfnet 1.31 CMD_CREDITCARD_CHARGE Denial of Service Vulnerability

2004-01-02T00:00:00
ID EDB-ID:23512
Type exploitdb
Reporter Rift_XT
Modified 2004-01-02T00:00:00

Description

Surfnet 1.31 CMD_CREDITCARD_CHARGE Denial Of Service Vulnerability. CVE-2004-1781. Dos exploit for windows platform

                                        
                                            source: http://www.securityfocus.com/bid/9348/info

Surfnet is prone to a denial of service vulnerability via the CMD_CREDITCARD_CHARGE command. By issuing this command with malformed arguments, it is possible to crash the software. When the software crashes, it will drop the kiosk user into the underlying operating system. 

C:\Surfnet\WWWRoot\CMD_CREDITCARD_CHARGE:Charge=20