Nival Interactive Etherlords Remote Denial Of Service Vulnerability
BID:9979
Info
Nival Interactive Etherlords Remote Denial Of Service Vulnerability
| Bugtraq ID: | 9979 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 25 2004 12:00AM |
| Updated: | Mar 25 2004 12:00AM |
| Credit: | Disclosure of this issue is credited to Luigi Auriemma <[email protected]>. |
| Vulnerable: |
Nival Interactive Etherlords II 1.0 3 Nival Interactive Etherlords II 1.0 2 Nival Interactive Etherlords II 1.0 1 Nival Interactive Etherlords II 1.0 Nival Interactive Etherlords 1.0 7 Nival Interactive Etherlords 1.0 6 Nival Interactive Etherlords 1.0 5 Nival Interactive Etherlords 1.0 4 Nival Interactive Etherlords 1.0 3 Nival Interactive Etherlords 1.0 2 Nival Interactive Etherlords 1.0 1 Nival Interactive Etherlords 1.0 0 |
| Not Vulnerable: | |
Discussion
Nival Interactive Etherlords Remote Denial Of Service Vulnerability
A remote denial of service vulnerability has been reported in Etherlords and Etherlords II. This issue is due to a failure of the application to properly validate user-supplied network data.
By issuing a packet containing a large value specifying the size of the data block to follow, a malicious user can leverage this issue by causing the client or server to crash.
A remote denial of service vulnerability has been reported in Etherlords and Etherlords II. This issue is due to a failure of the application to properly validate user-supplied network data.
By issuing a packet containing a large value specifying the size of the data block to follow, a malicious user can leverage this issue by causing the client or server to crash.
Exploit / POC
Nival Interactive Etherlords Remote Denial Of Service Vulnerability
The following exploit has been provided:
http://aluigi.altervista.org/poc/ethboom.zip
The following exploit has been provided:
http://aluigi.altervista.org/poc/ethboom.zip
Solution / Fix
Nival Interactive Etherlords Remote Denial Of Service Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
Nival Interactive Etherlords Remote Denial Of Service Vulnerability
References:
References:
- Etherlords Home Page (Nival Interactive)
- Remote crash in Etherlords I 1.07 and II 1.03 (Luigi Auriemma
)