Skip to content

Instantly share code, notes, and snippets.


Felix Blanco fxb6476

View GitHub Profile
fxb6476 / Disclosure
Last active Oct 15, 2019
View Disclosure
[Vulnerability Description]
- Hydra through 0.1.8 has a NULL pointer dereference and daemon crash when processing POST requests
that lack a 'Content-Length' header. The issue comes from the process_header_end() function, which
calls boa_atoi(), which ultimately calls aoti() on a null pointer.
[Additional Information]
- The Hydra web server is widely used by embedded networking equipment, such as switches, and embedded devices in general.
Because of this fact, it is very difficult to specify device models or vendors that may be impacted by this vulnerability.
Rudimentary scans using Shodan show over 8,000 devices registered broadcasting the "Hydra v0.1.8" server, open to the