xfocus logo xfocus title
首页 焦点原创 安全文摘 安全工具 安全漏洞 焦点项目 焦点论坛 关于我们
添加工具English Version
 工具分类 
 工具推荐 
X-Scan-v3.1-cn.rar
ex_foxmail5.0_windows.c
x_invscoutd_aix5l_4x.pl
x_hp-ux11i_nls_ct.c

HOD-symantec-firewall-DoS-expl.c


提交时间:2004-05-15
提交用户:binjo
工具分类:攻击程序
运行平台:Windows
工具大小:13209 Bytes
文件MD5 :26c7ff445184acde7ad6cd82d07f9c06
工具来源:http://www.securitylab.ru/_Exploits/2004/05/HOD-symantec-firewall-DoS-expl.c

/* HOD-symantec-firewall-DoS-expl.c:
*
* Symantec Multiple Firewall DNS Response Denial-of-Service
*
* Exploit version 0.1 coded by
*
*
*                 .::[ houseofdabus ]::.
*
*
*
* Bug discoveried by eEye:
* http://www.eeye.com/html/Research/Advisories/AD20040512B.html
*
* -------------------------------------------------------------------
* Tested on:
*    - Symantec Norton Personal Firewall 2004
*
*
* Systems Affected:
*    - Symantec Norton Internet Security 2002
*    - Symantec Norton Internet Security 2003
*    - Symantec Norton Internet Security 2004
*    - Symantec Norton Internet Security Professional 2002
*    - Symantec Norton Internet Security Professional 2003
*    - Symantec Norton Internet Security Professional 2004
*    - Symantec Norton Personal Firewall 2002
*    - Symantec Norton Personal Firewall 2003
*    - Symantec Norton Personal Firewall 2004
*    - Symantec Client Firewall 5.01, 5.1.1
*    - Symantec Client Security 1.0, 1.1, 2.0(SCF 7.1)
*    - Symantec Norton AntiSpam 2004
*
* -------------------------------------------------------------------
* Description:
*    eEye Digital Security has discovered a second vulnerability
*    in the Symantec firewall product line that can be remotely
*    exploited to cause a severe denial-of-service condition on
*    systems running a default installation of an affected version
*    of the product. By sending a single malicious DNS (UDP port 53)
*    response packet to a vulnerable host, an attacker can cause
*    the Symantec DNS response validation code to enter an infinite
*    loop within the kernel, amounting to a system freeze that requires
*    the machine to be physically rebooted in order to restore operation.
*
* -------------------------------------------------------------------
* Compile:
*    Win32/VC++  : cl -o HOD-sym-DoS-expl HOD-sym-DoS-expl.c ws2_32.lib
*    Win32/cygwin: gcc -o HOD-sym-DoS-expl HOD-sym-DoS-expl.c -lws2_32.lib
*    Linux       : gcc -o HOD-sym-DoS-expl HOD-sym-DoS-expl.c -Wall
*
* -------------------------------------------------------------------
* Command Line Parameters/Arguments:
*
*    HOD-symantec-firewall-DoS-expl [-fi:str] [-tp:int] [-ti:str] [-n:int]
*
*           -fi:IP    From (sender) IP address
*           -tp:int   To (recipient) port number
*           -ti:IP    To (recipient) IP address
*           -n:int    Number of times to send message
*
*/

>> 下载 <<
Copyright © 1998-2003 XFOCUS Team. All Rights Reserved