[AWS] Security pb

frett27 at free.fr frett27 at free.fr
Fri Jan 5 10:57:43 CET 2007

Previous message: [AWS] Security pb
Next message: [AWS] Security pb
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

sorry, by rereading the script it shows a more than 3000 byte GET request

Patrice

>>># Try crashing the service by sending specially crafted, overly long HTTP
post
>>> # request
>>> sendRequest = http_get(item:string(crap(3000)), port:imgsvr_port);
>>> http_keepalive_send_recv(port:imgsvr_port, data:sendRequest);
>>> if(http_is_dead(port:imgsvr_port))
>>> {
>>>	security_warning(port:imgsvr_port);
>>>	security_note(data:string("The Image Server Service ImgSvr has been " +
>>>                                  "crashed on the target system \nRestart " +
>>>                                  "the service to resume normal
>>>operations."),
>>>		      port:imgsvr_port);
>>> }



Selon Dmitriy Anisimkov <anisimkov at ada-ru.org>:

> frett27 at free.fr wrote:
>
> >here is the link
> >
>
>http://arachnids.stillsecure.com/SAT/scripts/OSSSA/GPL/released/OSSSA/scripts/os2a_imgsvr_dos_600941.nasl
> >
> >
> I do not know what the language this test written is and how can i
> reproduce it.
> Could you be more precise with the bug description.
>
>


--

Previous message: [AWS] Security pb
Next message: [AWS] Security pb
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the AWS mailing list