Published: 08/10/2009 Updated: 10/10/2018

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 510

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Dopewars 1.5.12 allows remote malicious users to cause a denial of service (segmentation fault) via a REQUESTJET message with an invalid location.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ben webb dopewars 1.5.12

Debian Bug report logs - #550913 dopewars: CVE-2009-3591 denial-of-service Package: dopewars; Maintainer for dopewars is Debian Games Team <pkg-games-devel@listsaliothdebianorg>; Source for dopewars is src:dopewars (PTS, buildd, popcon) Reported by: Michael S Gilbert <michaelsgilbert@gmailcom> Date: Wed, 14 Oct ...

## Description ## The jet command in Dopewars 1512 is vulnerable to a segmentaion fault due to a lack of input validation ## POC ## ruby -e 'print "foo^^Ar1111111\n^^Acfoo\n^AV65536\n"' | nc localhost 7902 ## Fix ## This issue is resolved in the SVN version of the application ## Discovered by Doug Prostko ...

source: wwwsecurityfocuscom/bid/36606/info Dopewars is prone to a denial-of-service vulnerability that affects the server part of the application An attacker can exploit this issue to crash the affected application, denying service to legitimate users This issue affects Dopewars 1512; other versions may also be affected The follo ...

CWE-20 http://dopewars.svn.sourceforge.net/viewvc/dopewars/dopewars/trunk/src/serverside.c?r1=1023&r2=1033&pathrev=1033 http://secunia.com/advisories/36961 http://www.securityfocus.com/bid/36606 http://dopewars.svn.sourceforge.net/viewvc/dopewars/dopewars/trunk/ChangeLog?view=markup&pathrev=1033 http://www.securityfocus.com/archive/1/507012/100/0/threaded https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=550913 https://nvd.nist.gov https://www.exploit-db.com/exploits/10004/

CVE-2009-3591

Vulnerability Summary

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect