CVE-2009-0751

Yaws < 1.80 - Denial of Service via Large Number of Headers

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-0751. PoCs published by Praveen Darshanam.

AI-analyzed exploit summary This Perl script exploits CVE-2009-0751 by sending a large number of HTTP headers to a Yaws server, causing a denial of service due to memory consumption and crash. It constructs a malicious HTTP request with exponentially increasing headers and sends it to the target server.

Description

Yaws before 1.80 allows remote attackers to cause a denial of service (memory consumption and crash) via a request with a large number of headers.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Praveen Darshanam · perldosmultiple

https://www.exploit-db.com/exploits/8148

View Code ZIP pw:eip

This Perl script exploits CVE-2009-0751 by sending a large number of HTTP headers to a Yaws server, causing a denial of service due to memory consumption and crash. It constructs a malicious HTTP request with exponentially increasing headers and sends it to the target server.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Yaws before 1.80

No auth needed

Prerequisites: Network access to the Yaws server · Yaws server version < 1.80

MITRE ATT&CK