module
Ruby WEBrick::HTTP::DefaultFileHandler DoS
| Disclosed | Created |
|---|---|
| 08/08/2008 | 05/30/2018 |
Disclosed
08/08/2008
Created
05/30/2018
Description
The WEBrick::HTTP::DefaultFileHandler in WEBrick in
Ruby 1.8.5 and earlier, 1.8.6 to 1.8.6-p286, 1.8.7
to 1.8.7-p71, and 1.9 to r18423 allows for a DoS
(CPU consumption) via a crafted HTTP request.
Ruby 1.8.5 and earlier, 1.8.6 to 1.8.6-p286, 1.8.7
to 1.8.7-p71, and 1.9 to r18423 allows for a DoS
(CPU consumption) via a crafted HTTP request.
Author
kris katterjohn
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:
msf > use auxiliary/dos/http/webrick_regex
msf /(x) > show actions
...actions...
msf /(x) > set ACTION < action-name >
msf /(x) > show options
...show and set options...
msf /(x) > run
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.