DC++ NULL Pointer Remote Denial of Service Vulnerability
BID:29924
Info
DC++ NULL Pointer Remote Denial of Service Vulnerability
| Bugtraq ID: | 29924 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2008-2953 |
| Remote: | Yes |
| Local: | No |
| Published: | Jun 22 2008 12:00AM |
| Updated: | Apr 16 2015 05:51PM |
| Credit: | crise |
| Vulnerable: |
LinuxDC++ LinuxDC++ 1.0.1 DC++ DC++ 0.706 |
| Not Vulnerable: |
DC++ DC++ 0.707 |
Discussion
DC++ NULL Pointer Remote Denial of Service Vulnerability
DC++ is prone to a remote denial-of-service vulnerability because the application fails to handle NULL-pointer exceptions.
An attacker could exploit this issue to crash the affected application, denying service to legitimate users.
This issue affects DC++ 0.706 and earlier versions.
DC++ is prone to a remote denial-of-service vulnerability because the application fails to handle NULL-pointer exceptions.
An attacker could exploit this issue to crash the affected application, denying service to legitimate users.
This issue affects DC++ 0.706 and earlier versions.
Exploit / POC
DC++ NULL Pointer Remote Denial of Service Vulnerability
An attacker can exploit this issue by sending a malicious partial file list to the application.
An attacker can exploit this issue by sending a malicious partial file list to the application.
Solution / Fix
DC++ NULL Pointer Remote Denial of Service Vulnerability
Solution:
The vendor has released a fix; please see the references for more information.
Solution:
The vendor has released a fix; please see the references for more information.
References
DC++ NULL Pointer Remote Denial of Service Vulnerability
References:
References:
- DC++ Homepage (DC++)
- DC++ version 0.707 Release Notes (DC++)
- Diff for /linuxdcpp/linuxdcpp/client/ShareManager.cpp between version 1.14 and 1 (LinuxDC++)
- LinuxDC++ Homepage (LinuxDC++)