America's Army Malformed UDP Packet Remote Denial of Service Vulnerability

Bugtraq ID:	30519
Class:	Failure to Handle Exceptional Conditions
CVE:	CVE-2008-3492
Remote:	Yes
Local:	No
Published:	Aug 02 2008 12:00AM
Updated:	May 07 2015 05:25PM
Credit:	Luigi Auriemma
Vulnerable:	America's Army America's Army 2.3.8.1
Not Vulnerable:

America's Army Malformed UDP Packet Remote Denial of Service Vulnerability

America's Army is prone to a remote denial-of-service vulnerability because the application fails to properly handle malicious UDP packets.

Exploiting this issue allows remote attackers to cause the application to crash, effectively denying service to legitimate users.

America's Army 2.8.3.1 is vulnerable; other versions may also be affected.

America's Army Malformed UDP Packet Remote Denial of Service Vulnerability

The following exploit code is available:

• /data/vulnerabilities/exploits/armynchia.zip

America's Army Malformed UDP Packet Remote Denial of Service Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

America's Army Malformed UDP Packet Remote Denial of Service Vulnerability

References:

• America Army's Server termination due to failed assertion (Luigi Auriemma)
  
• Vendor Homepage (America's Army)
  
• Server termination in America's Army 2.8.3.1 (Luigi Auriemma )