Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2004-0558 PoC — CUPS UDP数据包远程服务拒绝漏洞

Source
https://github.com/fibonascii/CVE-2004-0558
Associated Vulnerability
Title:CUPS UDP数据包远程服务拒绝漏洞 (CVE-2004-0558)
Description:CUPS 1.1.21之前版本中的Internet Printing Protocol(IPP)的安装启用存在漏洞。远程攻击者可以借助某个IPP端口的UDP数据包导致服务拒绝(服务挂起)。
Readme
This is a proof of concept exploit for CVE-2004-0558
Specific versions of CUPs (1.1.x) are vulnerable to a Denial of Service attack when sent a zero-length UDP packet
https://www.exploit-db.com/exploits/24599/

It's worth noting that this can be achieved with nmap, and this exploit was developed for research and educational purposes.


Usage:

python kill-cups.py -t 192.168.1.91


Additional command line flags were included for research purposes. UDP requires that the packet header requires an arbitrary source port.
In the exploit I have it default to 4321 but this can changed if necessary

python kill-cups.py -t 192.168.1.91 --source-port 5555
File Snapshot

 [4.0K]  /data/pocs/e95177b0dc3f131c1dc8ac6f543acea7951b97d8
├── [ 826]  kill-cups.py
└── [ 653]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.