| Title | iMatrix Xitami 2.5 Denial of Service |
|---|
| Description | The technique works well on Windows XP Professional Service Pack 2 and 3 (English).
For this exploration I tried several strategies to increase reliability and performance:
The server did not correctly handle the request with large amounts of data sent in the If-Modified-Since header, causing the web server to crash.
A 952-byte request in the If-Modified-Since header for the web server to process crashes the server while receiving and processing the data, causing denial of service conditions.
Successful exploitation of these issues allows remote attackers to crash the affected server, denying service to legitimate users. |
|---|
| Source | ⚠️ https://packetstormsecurity.com/files/176546/Xitami-2.5-Denial-Of-Service.html |
|---|
| User | fernando.mengali (UID 60856) |
|---|
| Submission | 01/15/2024 15:44 (2 years ago) |
|---|
| Moderation | 01/19/2024 10:48 (4 days later) |
|---|
| Status | Duplicate |
|---|
| VulDB entry | 3327 [Xitami HTTP Server HTTP Request If-Modified-Since memory corruption] |
|---|
| Points | 0 |
|---|