Exploit for windows platform in category dos / poc
Overview:
---------
Oxide Webserver v2.0.4 is prone to a remote Denial of Service vulnerability
as it fails to handle crafted requests from the client properly.
Technical Description:
----------------------
The vulnerability is caused by an error in handling some crafted characters
in HTTP GET requests, which causes the server to crash.
Impact:
--------
Successful exploitation could allow an attacker to crash a vulnerable server.
Affected Software:
------------------
Oxide Webserver version 2.0.4 and prior.
Tested on,
Oxide Webserver version 2.0.4 on Windows XP SP3
References:
-----------
http://secpod.org/blog/?p=516
http://sourceforge.net/projects/oxide
http://sourceforge.net/projects/oxide-ws/files
http://secpod.org/advisories/SecPod_Oxide_WebServer_DoS_Vuln.txt
Proof of Concept:
----------------
http://www.example.com:80/?.
http://www.example.com:80/<.
http://www.example.com:80/$.
http://www.example.com:80/cc.
# 0day.today [2018-04-03] #