CVE-2004-2029

BNBT BitTorrent Tracker Beta 7.5 Release 2 - Denial of Service via Basic Authorization HTTP Request

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-2029. PoCs published by Sowhat.

AI-analyzed exploit summary This exploit sends a malformed HTTP request to BNBT BitTorrent EasyTracker, causing a denial of service by crashing the server. The payload is a simple HTTP GET request with an invalid header.

Description

The Util_DecodeHTTPAuth function in BNBT BitTorrent Tracker Beta 7.5 Release 2 and earlier allows remote attackers to cause a denial of service (crash) via a Basic Authorization HTTP request with a "A==" value.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Sowhat · cdoswindows

https://www.exploit-db.com/exploits/1199

View Code ZIP pw:eip

This exploit sends a malformed HTTP request to BNBT BitTorrent EasyTracker, causing a denial of service by crashing the server. The payload is a simple HTTP GET request with an invalid header.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: BNBT BitTorrent EasyTracker Version 7.7r3.2004.10.27 and below

No auth needed

Prerequisites: Network access to the target server · Target server running BNBT BitTorrent EasyTracker

MITRE ATT&CK