CVE-2023-30082



While working on day-to-day tasks, I came across a vulnerability in osTicket, an open source ticketing system. As I always support open source projects, I decided to report it to the development team. They were very supportive, treated it as a priority and fixed the bug.

Here are the steps to reproduce the vulnerability:

Description:
A denial-of-service condition can be triggered by submitting an unusually long password (more than 10,000,000 characters) to the osTicket application. Processing such a value consumes all available CPU and memory on the server, which can make the site slow or stop it responding entirely.

Affected version: osTicket (v1.17.2)

Proof of Concept:

1. Sign up to the application, capture the sign-up request in Burp Suite and send it to Repeater.

2. Paste the payload from the payload file (or any very long password of your own) into the password parameters and click Send.

3. The application accepts the oversized password instead of rejecting it, and processing it consumes server CPU and memory, so the request can be used for a DoS or, sent from many sources, as a DDoS vector.
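The following is an added example, not code from osTicket or from this advisory: a minimal Python sign-up handler in the vulnerable shape (password goes straight into the expensive hash) beside a hardened one that bounds the password length before doing anything costly, plus a constructed request body of the size the PoC uses. The form field names, the size limits, the front-door body-size check and the PBKDF2 stand-in for the real password hash are all assumptions made for this example.

```python
import hashlib
import secrets

# Policy limits for this added example; assumed values, not osTicket's.
MIN_PASSWORD_BYTES = 8
MAX_PASSWORD_BYTES = 128
# Size the advisory gives for the malicious password (more than 10,000,000 characters).
POC_PASSWORD_LENGTH = 10_000_001

# Counts hash invocations so the hardened path can be shown never to reach them.
HASH_CALLS = 0


class RegistrationError(ValueError):
    """A request that must be refused with HTTP 400 before any expensive work."""


def build_signup_form(name: str, password_length: int) -> dict:
    """Constructed sign-up body in the shape the PoC pastes into Burp Repeater.
    Field names are hypothetical; only 'password' matters here."""
    return {
        "name": name,
        "email": f"{name}@example.com",
        "password": "A" * password_length,
    }


def hash_password(password: str, salt: bytes = b"") -> tuple:
    """Stand-in for the application's real password hashing (PBKDF2-HMAC-SHA256).
    Returns (salt, digest)."""
    global HASH_CALLS
    HASH_CALLS += 1
    salt = salt or secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 100_000, dklen=32)
    return salt, digest


def hash_call_count() -> int:
    """How many times the expensive hash has run so far."""
    return HASH_CALLS


def register_unguarded(form: dict) -> tuple:
    """Vulnerable shape: whatever arrives in the password field is copied, encoded
    and hashed on every request, however large it is."""
    return hash_password(form["password"])


def register_hardened(form: dict) -> tuple:
    """Hardened shape: bound the input before touching it in any expensive way."""
    password = form.get("password", "")
    if not isinstance(password, str):
        raise RegistrationError("password must be a string")
    # Cheap O(1) pre-filter: every code point is at least one byte, so a string with
    # more code points than the byte limit is already too long without encoding it.
    if len(password) > MAX_PASSWORD_BYTES:
        raise RegistrationError("password too long")
    size = len(password.encode("utf-8"))  # the hash sees bytes, not code points
    if size < MIN_PASSWORD_BYTES:
        raise RegistrationError("password too short")
    if size > MAX_PASSWORD_BYTES:
        raise RegistrationError("password too long")
    return hash_password(password)


def reject_oversized_body(content_length: int, limit: int = 64 * 1024) -> bool:
    """Front-door check for the web server or reverse proxy: a sign-up form has no
    business being larger than a few kilobytes. True means refuse the request."""
    return content_length > limit


if __name__ == "__main__":
    form = build_signup_form("alice", POC_PASSWORD_LENGTH)
    body_size = sum(len(k) + len(v) + 2 for k, v in form.items())
    print("oversized body refused at the front door:", reject_oversized_body(body_size))
    try:
        register_hardened(form)
    except RegistrationError as err:
        print("hardened handler refused the form:", err)
    print("hash invocations so far:", hash_call_count())
```

The two checks are layered deliberately: the body-size limit stops a 10 MB form from being parsed at all, and the per-field limit stops a password that fits in a normal-sized body from reaching the hash. Counting bytes rather than characters matters because the hash and any storage layer see the encoded bytes.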

Impact:
An attacker can use this vulnerability to mount a denial-of-service (or distributed denial-of-service) attack that prevents legitimate users from accessing the application.

Remediation: Upgrade osTicket to the latest version. Until the upgrade is in place, capping the request body size at the web server or reverse proxy limits how large a password can reach the application at all.

More details on this vulnerability are available at:
https://github.com/manavparekh/CVEs/tree/main/CVE-2023-30082
