OSVDB ID: 26029

Title: 0verkill recv_packet() Function UDP Handling Overflow DoS

Dates

Disclosure: Jun 09, 2006
Discovery: Unknown
Exploit: Jun 09, 2006
Solution: Unknown

Description

0verkill contains a flaw that may allow a remote denial of service. The issue is triggered when an integer underflow occurs in the recv_packet() function, which handles received UDP packets, and results in loss of availability for the 0verkill daemon. An attacker can send a UDP packet smaller than 12 bytes to cause the underflow and crash the daemon process, causing a denial of service.
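The class of check that prevents this kind of underflow, as an added example that is not 0verkill's code: the received length is validated against the header size before any subtraction. The 12-byte header layout, the payload cap and all function names are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>

/* Assumptions (not from 0verkill): a 12-byte header precedes the payload,
 * matching the 12-byte threshold above; all names here are hypothetical. */
#define HDR_LEN     12u
#define MAX_PAYLOAD 256u

/* Unchecked arithmetic: wraps for datagrams shorter than the header. */
static size_t payload_len_unchecked(size_t received)
{
    return received - HDR_LEN;
}

/* Checked form: 0 and *out set on success, -1 if the datagram is dropped. */
static int payload_len_checked(ssize_t received, size_t *out)
{
    if (received < 0) return -1;                 /* recvfrom() failed */
    if ((size_t)received < HDR_LEN) return -1;   /* runt datagram */
    if ((size_t)received - HDR_LEN > MAX_PAYLOAD) return -1;
    *out = (size_t)received - HDR_LEN;
    return 0;
}

/* Copies the payload into dst (MAX_PAYLOAD bytes); returns its length or -1. */
static ssize_t extract_payload(const unsigned char *dgram, ssize_t received,
                               unsigned char *dst)
{
    size_t n;
    if (payload_len_checked(received, &n) != 0) return -1;
    memcpy(dst, dgram + HDR_LEN, n);
    return (ssize_t)n;
}

/* Runs extract_payload() on a constructed, zero-filled datagram. */
static ssize_t demo(ssize_t received)
{
    unsigned char dgram[HDR_LEN + MAX_PAYLOAD + 64] = {0};
    unsigned char dst[MAX_PAYLOAD];
    return extract_payload(dgram, received, dst);
}

int main(void)
{
    printf("unchecked(5) = %zu, checked(5) = %zd\n", payload_len_unchecked(5), demo(5));
}
```

The unchecked subtraction turns a 5-byte datagram into a length near SIZE_MAX, while the checked path drops the datagram before any copy takes place.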

Classification

Location: Remote / Network Access
Attack Type: Denial of Service, Input Manipulation
Impact: Loss of Integrity, Loss of Availability
Exploit: Exploit Public

Solution

Currently, there are no known upgrades or patches to correct this issue.

Products

Petr Kulhavy

0verkill

0.10
0.11
0.12
0.13
0.14
0.15
0.16

References

Credit

  • Federico Fazzi - federicoautistici.org -


Direct URL: http://osvdb.org/26029