![[HTB]&8221;靶机渗透详细思路-一一网](https://www.proyy.com/skycj/data/images/2020-11-03/2b19aef49d5116e4ddd97dada42fcaaa.png)
漏洞信息详情
Fizmez Web Server空连接服务拒绝漏洞
- CNNVD编号:CNNVD-200412-616
- 危害等级: 中危
![图片[1]-Fizmez Web Server空连接服务拒绝漏洞-一一网](https://www.proyy.com/skycj/data/images/2021-09-07/30f462579bec41fc25e0b1d57503e6d6.png)
- CVE编号:
CVE-2004-2356
- 漏洞类型:
其他
- 发布时间:
2004-12-31
- 威胁类型:
远程
- 更新时间:
2006-09-22
- 厂 商:
fizmez - 漏洞来源:
.’);”>Discovery of this … -
漏洞简介
Fizmez Web Server 1.0版本存在提前结束漏洞。远程攻击者可以通过与服务器连接然后不发送任何数据就断开来导致服务拒绝(崩溃),该漏洞触发了一个空指针的解引用。
漏洞公告
The following is an untested, unconfirmed patch provided by a third party. It may be used to patch version 1.0 of the software:
( line: 268 of FizmezWebServer.java )
eh.debug(“Received input [“+line+”]”);
//Hash out request information
/* start of patch */
int firstSpaceIndex = 0;
try
{
firstSpaceIndex = line.indexOf(” “);
}
catch(NullPointerException npe)
{
System.out.println(“Void Connection Dropped…”);
break;
}
/* end of patch */
The vendor has released an update to address this issue:
Fizmez Web Server 1.0
-
Fizmez fws-1.1.tar.gz
http://fizmez.com/downloads/fws-1.1.tar.gz
参考网址
来源: XF
名称: fizmez-webserver-null-dos(15506)
链接:http://xforce.iss.net/xforce/xfdb/15506
来源: BID
名称: 9894
链接:http://www.securityfocus.com/bid/9894
来源: www.autistici.org
链接:http://www.autistici.org/fdonato/advisory/fws1.0-adv.txt
来源: SECTRACK
名称: 1009451
链接:http://securitytracker.com/id?1009451
来源: SECUNIA
名称: 11141
链接:http://secunia.com/advisories/11141/
![[桜井宁宁]COS和泉纱雾超可爱写真福利集-一一网](https://www.proyy.com/skycj/data/images/2020-12-13/4d3cf227a85d7e79f5d6b4efb6bde3e8.jpg)
![[桜井宁宁] 爆乳奶牛少女cos写真-一一网](https://www.proyy.com/skycj/data/images/2020-12-13/d40483e126fcf567894e89c65eaca655.jpg)
