CVE-2018-8065
Published 2018-03-12
Priority P2 · 69 · high · 7.5 CVSS 3.0
AV:N / AC:L / PR:N / UI:N / S:U / C:N / I:N / A:H
EXPLOIT
EPSS: 76.54% (99.5th percentile)
An issue was discovered in the web server in Flexense SyncBreeze Enterprise 10.6.24. There is a user mode write access violation on the syncbrs.exe memory region that can be triggered by rapidly sending a variety of HTTP requests with long HTTP header values or long URIs.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| flexense | syncbreeze | — | — |
Detection & IOCs
- Detect DoS attempts by monitoring for a high volume of HTTP requests (recommended threshold: >1725 packets) with abnormally large Accept headers (4088–5090 bytes) sent to port 80 of Flexense HTTP Server.
- Fingerprint/check requests can be identified by a bare 'GET / HTTP/1.0' with no headers, followed by inspection of the Server banner for 'Flexense HTTP Server v10.6.24'.
- Alert on connections that are rapidly opened and closed (connect/disconnect loop) to port 80 with oversized Accept header values, as this is the core exploit delivery pattern.
- Monitor syncbrs.exe for write access violations / crashes, as the vulnerability manifests as a user-mode write access violation in that process's memory region.
- The exploit targets Flexense HTTP Server 10.6.24 and below; versions above 10.6.24 are reported as not vulnerable. The Metasploit module aborts if the server banner does not match 'Flexense HTTP Server v10.6.24'.
- The packet count and packet size are tunable; the recommended minimum for reliable DoS is 1725 packets with Accept headers of 4088–5090 bytes. Detection thresholds should be calibrated accordingly.
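One way to turn the figures in the list above into a check, as an added example (not part of the original page or of any vendor or project rule): a per-source sliding-window counter run over a constructed sensor log. The log format, `detect`, `window` and `alert_at` are assumptions; the 4088–5090 byte range and the 1725 figure come from the page.

```python
import re
from collections import defaultdict, deque

# Figures stated on the page for the public DoS module.
ACCEPT_MIN, ACCEPT_MAX = 4088, 5090  # oversized Accept header value, bytes
RELIABLE_DOS_PACKETS = 1725          # minimum the page cites for a reliable crash

# Assumed (constructed) sensor log format:
#   ts src dport hdrs=<count> accept_len=<bytes> "request line"
LINE = re.compile(r'^(?P<ts>\d+\.\d+) (?P<src>\S+) (?P<dport>\d+) '
                  r'hdrs=(?P<hdrs>\d+) accept_len=(?P<alen>\d+) "(?P<req>[^"]*)"$')

def detect(lines, window=5.0, alert_at=RELIABLE_DOS_PACKETS // 10):
    """Return (flooders, probers): first-alert time per source, and sources that
    sent the bare banner probe. window and alert_at are assumed defaults, set
    well below 1725 so the alert fires before the service is likely down."""
    recent = defaultdict(deque)  # src -> timestamps of oversized-Accept requests
    flooders, probers = {}, set()
    for line in lines:
        m = LINE.match(line)
        if not m or m["dport"] != "80":
            continue
        ts, src = float(m["ts"]), m["src"]
        if m["req"] == "GET / HTTP/1.0" and m["hdrs"] == "0":
            probers.add(src)  # header-less version check described on the page
            continue
        if not ACCEPT_MIN <= int(m["alen"]) <= ACCEPT_MAX:
            continue
        q = recent[src]
        q.append(ts)
        while ts - q[0] > window:  # drop requests that fell out of the window
            q.popleft()
        if len(q) >= alert_at:
            flooders.setdefault(src, ts)
    return flooders, probers

def constructed_log():
    """Constructed sample: one probing/flooding source and one ordinary client."""
    out = ['0.000 198.51.100.7 80 hdrs=0 accept_len=0 "GET / HTTP/1.0"']
    out += [f'{1 + i * 0.01:.3f} 198.51.100.7 80 hdrs=1 '
            f'accept_len={4088 + i % 1003} "GET / HTTP/1.1"' for i in range(300)]
    out += [f'{i:.3f} 192.0.2.10 80 hdrs=6 accept_len=63 "GET /index.html HTTP/1.1"'
            for i in range(1, 6)]
    return out
```

Correlating a source that appears in both returned sets (probe, then flood) gives a higher-confidence alert than either signal alone.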
CVSS provenance
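| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.0 | 7.5 | HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| nvd | v2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |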
No detection rules found.
Exploit-DB
Flexense HTTP Server 10.6.24 - Buffer Overflow (DoS) (Metasploit)
exploitdb·2023-05-31·CVSS 7.5
---
##
# Exploit Title: Flexense HTTP Server 10.6.24 - Buffer Overflow (DoS) (Metasploit)
# Date: 2018-03-09
# Exploit Author: Ege Balci
# Vendor Homepage: https://www.flexense.com/downloads.html
# Version: 'Flexense HTTP Server Denial Of Service',
'Description' => %q{
This module triggers a Denial of Service vulnerability in the Flexense HTTP server.
Vulnerability caused by a user mode write access memory violation and can be triggered with
rapidly sending variety of HTTP requests with long HTTP header values.
Multiple Flexense applications that are using Flexense HTTP server 10.6.24 and below versions reportedly vulnerable.
},
'Author' => [ 'Ege Balci ' ],
'License' => MSF_LICENSE,
'References' =>
[
[ 'CVE', '2018-8065']
Metasploit
Flexense HTTP Server Denial Of Service
metasploit
This module triggers a Denial of Service vulnerability in the Flexense HTTP server. Vulnerability caused by a user mode write access memory violation and can be triggered with rapidly sending variety of HTTP requests with long HTTP header values. Multiple Flexense applications that are using Flexense HTTP server 10.6.24 and below versions reportedly vulnerable.
No writeups or analysis indexed.
- http://packetstormsecurity.com/files/172676/Flexense-HTTP-Server-10.6.24-Buffer-Overflow-Denial-Of-Service.html
- https://github.com/EgeBalci/Sync_Breeze_Enterprise_10_6_24_-DOS
- https://github.com/rapid7/metasploit-framework/pull/9701