Ventrilo 'type 0' Packet NULL Pointer Dereference Denial of Service Vulnerability
BID:30675
Info
Ventrilo 'type 0' Packet NULL Pointer Dereference Denial of Service Vulnerability
| Bugtraq ID: | 30675 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2008-3680 |
| Remote: | Yes |
| Local: | No |
| Published: | Aug 13 2008 12:00AM |
| Updated: | Apr 15 2009 10:16PM |
| Credit: | Luigi Auriemma and Andre Malm |
| Vulnerable: |
Gentoo Linux Flagship Industries Ventrilo 3.0.2 |
| Not Vulnerable: | |
Discussion
Ventrilo 'type 0' Packet NULL Pointer Dereference Denial of Service Vulnerability
Ventrilo is prone to denial-of-service attacks due to a NULL-pointer dereference issue.
Successfully exploiting this issue will allow attackers to crash the affected application, denying service to legitimate users.
Ventrilo 3.0.2 is vulnerable; other versions may also be affected.
Ventrilo is prone to denial-of-service attacks due to a NULL-pointer dereference issue.
Successfully exploiting this issue will allow attackers to crash the affected application, denying service to legitimate users.
Ventrilo 3.0.2 is vulnerable; other versions may also be affected.
Exploit / POC
Ventrilo 'type 0' Packet NULL Pointer Dereference Denial of Service Vulnerability
The following exploit code is available:
The following exploit code is available:
Solution / Fix
Ventrilo 'type 0' Packet NULL Pointer Dereference Denial of Service Vulnerability
Solution:
Updates are available. Please see the references for more information.
Solution:
Updates are available. Please see the references for more information.
References
Ventrilo 'type 0' Packet NULL Pointer Dereference Denial of Service Vulnerability
References:
References:
- Ventrilo Homepage (Flagship Industries)
- NULL pointer in Ventrilo 3.0.2 (Luigi Auriemma