You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Content-Length, if not given defaults to 2147483647 Bytes making the server wait for that many number of bytes.
The exploit scenario:
If the user connects the server using "nc" on which he is allowed to use post method request and sends a request without stating the Content-Length value then the server waits for 2147483647 Bytes or time-out whichever is earlier.
Now if an attacker connects with max-clients-allowed to the server and sends this request from each client
then the SERVER may possibly go into DOS !!
Version: 1.3-current
CUPS.org User: rahulmode
Tested on both
CUPS-1.1.23 and
CUPS-1.3.7
Content-Length, if not given defaults to 2147483647 Bytes making the server wait for that many number of bytes.
The exploit scenario:
If the user connects the server using "nc" on which he is allowed to use post method request and sends a request without stating the Content-Length value then the server waits for 2147483647 Bytes or time-out whichever is earlier.
Now if an attacker connects with max-clients-allowed to the server and sends this request from each client
then the SERVER may possibly go into DOS !!
Ex Exploit:
nc cups_server 631
-- BY Rahul Mode ( rahulmode@gmail.com )
The text was updated successfully, but these errors were encountered: