CVE-2004-2033
published 2004-05-26CVE-2004-2033: Orenosv 0.5.9f allows remote attackers to cause a denial of service (crash) via a long HTTP GET request.
PriorityP419medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
3.95%
89.1th percentile
Orenosv 0.5.9f allows remote attackers to cause a denial of service (crash) via a long HTTP GET request.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| orenosv | orenosv_http_ftp_server | — | — |
| orenosv | orenosv_http_ftp_server | — | — |
| orenosv | orenosv_http_ftp_server | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Orenosv HTTP/FTP Server 0.5.9 - GET Denial of Service (3)
exploitdb·2004-06-02
CVE-2004-2033 Orenosv HTTP/FTP Server 0.5.9 - GET Denial of Service (3)
Orenosv HTTP/FTP Server 0.5.9 - GET Denial of Service (3)
---
source: https://www.securityfocus.com/bid/10420/info
Orenosv HTTP/FTP server is prone to a denial of service vulnerability that may occur when an overly long HTTP GET request is sent to the server. When the malicious request is handled, it is reported that both the HTTP and FTP daemons will stop responding.
@echo off
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:Application: Orenosv FTP Server
:Vendors: http://home.comcast.net/~makataoka//orenosv060.zip
:Version: <=0.6.0
:Platforms: Windows
:Bug: D.O.S
:Date: 2004-06-02
:Author: CoolICE
:E-mail: CoolICE#China.com
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
;if '%1'=='' echo Usage:%0 target [port]&&goto :eof
;set PORT=21
;i
Exploit-DB
Orenosv HTTP/FTP Server 0.5.9 - GET Denial of Service (2)
exploitdb·2004-06-02
CVE-2004-2033 Orenosv HTTP/FTP Server 0.5.9 - GET Denial of Service (2)
Orenosv HTTP/FTP Server 0.5.9 - GET Denial of Service (2)
---
source: https://www.securityfocus.com/bid/10420/info
Orenosv HTTP/FTP server is prone to a denial of service vulnerability that may occur when an overly long HTTP GET request is sent to the server. When the malicious request is handled, it is reported that both the HTTP and FTP daemons will stop responding.
@echo on
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:Application: Orenosv Server
:Vendors: http://home.comcast.net/~makataoka/orenosv060.zip
:Version: <=0.6.0
:Platforms: Windows
:Bug: D.O.S
:Date: 2004-06-02
:Author: CoolICE
:E-mail: CoolICE#China.com
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
;if '%1'=='' echo Usage:%0 target [port]&&goto :eof
;set PORT=9999
;if no
Exploit-DB
Orenosv HTTP/FTP Server 0.5.9 - GET Denial of Service (1)
exploitdb·2004-05-25
CVE-2004-2033 Orenosv HTTP/FTP Server 0.5.9 - GET Denial of Service (1)
Orenosv HTTP/FTP Server 0.5.9 - GET Denial of Service (1)
---
// source: https://www.securityfocus.com/bid/10420/info
Orenosv HTTP/FTP server is prone to a denial of service vulnerability that may occur when an overly long HTTP GET request is sent to the server. When the malicious request is handled, it is reported that both the HTTP and FTP daemons will stop responding.
/****************************/
PoC to crash the server
/****************************/
/* Orenosv HTTP/FTP Server Denial Of Service
Version:
orenosv059f
Vendor:
http://hp.vector.co.jp/authors/VA027031/orenosv/index_en.html
Coded and Discovered by:
badpack3t
.:sp research labs:.
www.security-protocols.com
5.25.2004
*/
#include
#include
#pragma comment(lib, "ws2_32.lib")
char exploit[] =
/* 420 A's - looks ugly bu
No writeups or analysis indexed.
http://hp.vector.co.jp/authors/VA027031/orenosv/index_en.htmlhttp://marc.info/?l=bugtraq&m=108559623703422&w=2http://secunia.com/advisories/11706http://www.osvdb.org/6419http://www.securityfocus.com/bid/10420https://exchange.xforce.ibmcloud.com/vulnerabilities/16250http://hp.vector.co.jp/authors/VA027031/orenosv/index_en.htmlhttp://marc.info/?l=bugtraq&m=108559623703422&w=2http://secunia.com/advisories/11706http://www.osvdb.org/6419http://www.securityfocus.com/bid/10420https://exchange.xforce.ibmcloud.com/vulnerabilities/16250
2004-05-26
Published