Targem Games Battle Mages远程服务拒绝漏洞

20次阅读
没有评论

Targem Games Battle Mages远程服务拒绝漏洞

漏洞ID 1107779 漏洞类型 其他
发布时间 2004-03-11 更新时间 2005-10-20
Targem Games Battle Mages远程服务拒绝漏洞CVE编号 CVE-2004-2360
Targem Games Battle Mages远程服务拒绝漏洞CNNVD-ID CNNVD-200412-692
漏洞平台 Multiple CVSS评分 5.0
|漏洞来源
https://www.exploit-db.com/exploits/23805
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200412-692
|漏洞详情
TargemBattleMages1.0版本存在漏洞。远程攻击者借助具有不完整数据的UDP包导致服务拒绝(无限循环),在等待读取未发送数据的剩余部分时,该漏洞将导致服务器进入一个无限循环。
|漏洞EXP
source: http://www.securityfocus.com/bid/9849/info

The Battle Mages game server has been reported to be prone to a remote denial of service vulnerability. The issue is reported to present itself when the server receives incomplete client data. Specifically the affected server will attempt to read the expected data size infinitely until it is received, this may allow a remote attacker to tie up server resources and effectively deny service to legitimate users.

https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/23805-1.rar

https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/23805-2.rar
|参考资料

来源:XF
名称:battlemages-incomplete-data-dos(15487)
链接:http://xforce.iss.net/xforce/xfdb/15487
来源:BID
名称:9849
链接:http://www.securityfocus.com/bid/9849
来源:BUGTRAQ
名称:20040311UnrealengineupdatesandBattleMagesadvisory
链接:http://cert.uni-stuttgart.de/archive/bugtraq/2004/03/msg00103.html
来源:aluigi.altervista.org
链接:http://aluigi.altervista.org/adv/battlemages-adv.txt

相关推荐: AOL Instant Messenger Password Encryption Weakness

AOL Instant Messenger Password Encryption Weakness 漏洞ID 1104914 漏洞类型 Design Error 发布时间 1998-06-21 更新时间 1998-06-21 CVE编号 N/A CNNVD-…

正文完
 0