Vertex4 SunAge 1.08.1 and earlier allows remote attackers to cause a denial of service (runtime error) via a crafted join packet to UDP port 27960, probably related to an invalid nickname command.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Sunage | Vertex4 | * | 1.08.1 (including) |
| Sunage | Vertex4 | 1.05 (including) | 1.05 (including) |
| Sunage | Vertex4 | 1.06 (including) | 1.06 (including) |
| Sunage | Vertex4 | 1.08 (including) | 1.08 (including) |
References
- http://aluigi.altervista.org/adv/sunagex-adv.txt
- http://aluigi.org/poc/sunagex.zip
- http://secunia.com/advisories/30823
- http://www.securityfocus.com/bid/29889
- http://www.vupen.com/english/advisories/2008/1903/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43249
- http://aluigi.altervista.org/adv/sunagex-adv.txt
- http://aluigi.org/poc/sunagex.zip
- http://secunia.com/advisories/30823
- http://www.securityfocus.com/bid/29889
- http://www.vupen.com/english/advisories/2008/1903/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43249