Soldat 多个远程拒绝服务漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1113498 漏洞类型 其他
发布时间 2007-08-23 更新时间 2007-08-27
CVE编号 CVE-2007-4531 CNNVD-ID CNNVD-200708-412
漏洞平台 Multiple CVSS评分 5.0
|漏洞来源
https://www.exploit-db.com/exploits/30524
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200708-412
|漏洞详情
Soldatgameserver1.4.2版本及其早期版本,和server2.6.2版本及其早期版本,允许远程攻击者可以借助(1)对文件传输端口的一个超长的字符串或(2)一个超长的chat信息,造成客户端的拒绝服务(崩溃)或(3)可以借助包含许多0x07或其它对文件传输端口的control字符串,造成一个服务器拒绝服务(持续鸣叫和减速)。
|漏洞EXP
source: http://www.securityfocus.com/bid/25426/info

Soldat is prone to multiple remote denial-of-service vulnerabilities because of how the game software handles unexpected input.

Successfully exploiting these issues allows remote attackers to crash game servers and clients or to block arbitrary IP addresses from connecting to game servers.

Soldat 1.4.2 and Soldat dedicated server 2.6.2 are vulnerable; other versions may also be affected. 

https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/30524.zip
|参考资料

来源:BID
名称:25426
链接:http://www.securityfocus.com/bid/25426
来源:MISC
链接:http://aluigi.org/poc/soldatdos.zip
来源:MISC
链接:http://aluigi.altervista.org/adv/soldatdos-adv.txt
来源:XF
名称:soldat-server-ftp-dos(36231)
链接:http://xforce.iss.net/xforce/xfdb/36231
来源:XF
名称:soldat-message-dos(36230)
链接:http://xforce.iss.net/xforce/xfdb/36230
来源:BUGTRAQ
名称:20070823MultipledenialofserviceinSoldat1.4.2/2.6.2
链接:http://www.securityfocus.com/archive/1/archive/1/477624/100/0/threaded
来源:SECUNIA
名称:26564
链接:http://secunia.com/advisories/26564