CVE-2009-4413

Polipo 0.9.8, 0.9.12, 1.0.4 - Denial of Service via Large Content-Length Request

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-4413. PoCs published by Jeremy Brown.

AI-analyzed exploit summary This Perl script exploits a memory corruption vulnerability in Polipo 1.0.4 by sending a crafted HTTP request with an invalid Content-Length header, triggering a segmentation fault due to improper handling of the request buffer.

Description

The httpClientDiscardBody function in client.c in Polipo 0.9.8, 0.9.12, 1.0.4, and possibly other versions, allows remote attackers to cause a denial of service (crash) via a request with a large Content-Length value, which triggers an integer overflow, a signed-to-unsigned conversion error with a negative value, and a segmentation fault.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Jeremy Brown · perldoslinux

https://www.exploit-db.com/exploits/10338

View Code ZIP pw:eip

This Perl script exploits a memory corruption vulnerability in Polipo 1.0.4 by sending a crafted HTTP request with an invalid Content-Length header, triggering a segmentation fault due to improper handling of the request buffer.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Polipo 1.0.4

No auth needed

Prerequisites: Network access to the target Polipo server

MITRE ATT&CK