Jenkins Software RakNet Remote Integer Underflow Vulnerability
BID:38974
Info
Jenkins Software RakNet Remote Integer Underflow Vulnerability
| Bugtraq ID: | 38974 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 25 2010 12:00AM |
| Updated: | Mar 31 2010 04:52PM |
| Credit: | Luigi Auriemma |
| Vulnerable: |
Jenkins Software RakNet 3.72 |
| Not Vulnerable: | |
Discussion
Jenkins Software RakNet Remote Integer Underflow Vulnerability
RakNet is prone to a remote integer-underflow vulnerability because it fails to sufficiently validate an integer value.
An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the affected application. Failed attempts may trigger a denial-of-service condition.
RakNet 3.72 is affected; other versions may be vulnerable as well.
RakNet is prone to a remote integer-underflow vulnerability because it fails to sufficiently validate an integer value.
An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the affected application. Failed attempts may trigger a denial-of-service condition.
RakNet 3.72 is affected; other versions may be vulnerable as well.
Exploit / POC
Jenkins Software RakNet Remote Integer Underflow Vulnerability
A proof of concept is available:
A proof of concept is available:
Solution / Fix
Jenkins Software RakNet Remote Integer Underflow Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
References
Jenkins Software RakNet Remote Integer Underflow Vulnerability
References:
References:
- RakNet (Jenkins Software)
- Raknet NULL pointer (Luigi Auriemma)