Ratbag game engine, as used in products such as Dirt Track Racing, Leadfoot, and World of Outlaws Spring Cars, allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet that specifies the length of data to read and then sends a second TCP packet that contains less data than specified, which causes Ratbag to repeatedly check the socket for more data.
References
Link | Resource |
---|---|
http://marc.info/?l=bugtraq&m=107655269820530&w=2 | |
http://www.securityfocus.com/bid/9644 | Exploit Vendor Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/15188 |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2004-11-23 05:00
Updated : 2024-02-04 16:31
NVD link : CVE-2004-0278
Mitre link : CVE-2004-0278
CVE.ORG link : CVE-2004-0278
JSON object : View
Products Affected
ratbag
- leadfoot
- dirt_track_racing_australia
- world_of_outlaws_sprint_cars
- dirt_track_racing_sprint_cars
- dirt_track_racing
CWE