Personal Web Sharing服务拒绝

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1106342 漏洞类型 未知
发布时间 2001-05-10 更新时间 2001-09-20
CVE编号 CVE-2001-0649 CNNVD-ID CNNVD-200109-078
漏洞平台 OSX CVSS评分 5.0
|漏洞来源
https://www.exploit-db.com/exploits/20844
https://www.securityfocus.com/bid/88846
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200109-078
|漏洞详情
PersonalWebSharing1.5.5版本存在漏洞。远程攻击者可以通过超长HTTP请求导致服务拒绝。
|漏洞EXP
source: http://www.securityfocus.com/bid/2715/info


Apple Personal Web Sharing is a utility that allows users to extend file-sharing abilities across a small intranet. It is shipped with MacOS 9.

A user may craft a URL which contains excess characters to cause the file-sharing system to shut down.

The file sharing system must then be restarted to regain its functionality once again.

http://fileserver/?aaaaaaaaa... [approx. 6000 characters]
|受影响的产品
Apple Personal Web Sharing 1.5.5
|参考资料

来源:XF
名称:macos-web-sharing-dos(6536)
链接:http://xforce.iss.net/static/6536.php
来源:BUGTRAQ
名称:20010510PersonalWebSharingremotestop
链接:http://www.securityfocus.com/archive/1/184548