Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2748

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2008-2748
Last Modified 29 Jan 2009 01:51:07
Published 18 Jun 2008 03:41:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-2748

Summary

Skulltag 0.97d2-RC2 and earlier allows remote attackers to cause a denial of service (daemon hang) via a series of long, malformed connect packets, related to these packets being "parsed multiple times."

Vulnerable Systems

Application

  • Skulltag Team Skulltag 0.95c

  • Skulltag Team Skulltag 0.95d

  • Skulltag Team Skulltag 0.95e

  • Skulltag Team Skulltag 0.95f

  • Skulltag Team Skulltag 0.95g

  • Skulltag Team Skulltag 0.95h

  • Skulltag Team Skulltag 0.95i

  • Skulltag Team Skulltag 0.95j

  • Skulltag Team Skulltag 0.95k

  • Skulltag Team Skulltag 0.96b

  • Skulltag Team Skulltag 0.96c

  • Skulltag Team Skulltag 0.96d

  • Skulltag Team Skulltag 0.96e

  • Skulltag Team Skulltag 0.96f

  • Skulltag Team Skulltag 0.97b

  • Skulltag Team Skulltag 0.97c

  • Skulltag Team Skulltag 0.97c2

  • Skulltag Team Skulltag 0.97c3

  • Skulltag Team Skulltag 0.97d

  • Skulltag Team Skulltag 0.97d2


References

XF - skulltag-packet-dos(43125)

BID - 29760

BUGTRAQ - 20080616 Server freezed in Skulltag 0.97d2-RC2

CONFIRM - http://skulltag.com/testing/public/Skulltag%20Version%20History.txt

SREASON - 3953

SECUNIA - 30668

MISC - http://aluigi.org/poc/skulltagloop.zip


Last Updated: 27 May 2016 10:47:58