Apache mod_dav / svn Remote Denial of Service Exploit
Google Dorks:
inurl:svn inurl:trunk
"powered by subversion version"
Information on the bug (XML Bomb):
http://blog.didierstevens.com/2008/09/23/dismantling-an-xml-bomb/
Enjoy!
#!/usr/bin/env python
###################################################################################
#
# Cerberus FTP Server Denial of Service Exploit (Pre Auth)
# Found By: Francis Provencher (Protek Research Lab's)
# Tested On: Windows XPSP2
# Usage: ./script <Target IP>
#
###################################################################################
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Sec-r1z.com
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vulnerabilities : Avax Vector ActiveX 1.3 (avPreview.ocx) Denial of Service Exploit
Bug Hunter: Satan_Hackers (Satan_hackers@yahoo.com)
Greetz.: All Sec-r1z member's ...
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
<html>
<object classid='clsid:9589AEC9-1C2D-4428-B7E8-63B39D356F9C' id='CCRP' ></object>
## Mail : Qkk@Hotmail.Fr ##
## ##
########################################################################
########################################################################
## ## ##
##->vBulletin 3.8.2 Denial of Service Exploit<- ##
##
## ## ##
##Enter These Exploit ## ##
##1.Target ##[*] www.Baloma.net ##
##2.Forum ##[*] vbulletin ##
Actually, this is not a jpg file. Although the exploit image is named as .jpg, its format is consistent with the windows metafile format, not the jpeg. It is already well known that there are unpatched bugs in wmf file processing in Windows which can crash the viewing application.
The same goes for recently published 'MS Windows Explorer.exe Gif Image Denial of Service Exploit'.
