Debian Bug report logs -
#550913
dopewars: CVE-2009-3591 denial-of-service
Package:
dopewars;
Maintainer for dopewars is Debian Games Team <pkg-games-devel@listsaliothdebianorg>; Source for dopewars is src:dopewars (PTS, buildd, popcon)
Reported by: Michael S Gilbert <michaelsgilbert@gmailcom>
Date: Wed, 14 Oct ...
## Description ##
The jet command in Dopewars 1512 is vulnerable to a segmentaion fault due to a lack of input validation
## POC ##
ruby -e 'print "foo^^Ar1111111\n^^Acfoo\n^AV65536\n"' | nc localhost 7902
## Fix ##
This issue is resolved in the SVN version of the application
## Discovered by Doug Prostko
...
source: wwwsecurityfocuscom/bid/36606/info
Dopewars is prone to a denial-of-service vulnerability that affects the server part of the application
An attacker can exploit this issue to crash the affected application, denying service to legitimate users
This issue affects Dopewars 1512; other versions may also be affected
The follo ...