PT-2019-13060 · Unknown · Doomseeker+1
Pol M
+1
·
Published
2019-06-26
·
Updated
2019-07-02
·
CVE-2019-12968
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
Doomseeker versions 1.1 through 1.2
Description
A vulnerability was found in the Sonic Robo Blast 2 (SRB2) plugin distributed with Doomseeker, where affected plugin versions did not discard IP packets with an unnaturally long response length from a Sonic Robo Blast 2 master server. This allowed a remote attacker to cause a potential crash or denial of service in Doomseeker.
Recommendations
For Doomseeker versions 1.1 and 1.2, update to Doomseeker 1.3, which includes source code patches to the SRB2 plugin to remediate the issue.
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Doomseeker
Sonic Robo Blast 2