Medieval Total War Denial of Service Vulnerability

vendor:

Medieval Total War

by:

SecurityFocus

7.5

CVSS

HIGH

Denial of Service

400

CWE

Product Name: Medieval Total War

Affected Version From: 1.1

Affected Version To: 1.1

Patch Exists: YES

Related CWE: N/A

CPE: a:feral_interactive:medieval_total_war

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows, Linux, Mac

2002

Medieval Total War Denial of Service Vulnerability

It has been reported that Medieval Total War may be prone to a denial of service vulnerability. The issue is caused when an attacker sends a malformed value for nickname consisting of 0 Unicode characters to the server during the initial authentication process. The exploitation of this issue results in the all users receiving a 'Connection expired' message before leading to a crash of the server.

Mitigation:

Ensure that all software is up to date and patched with the latest security updates.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/8787/info

It has been reported that Medieval Total War may be prone to a denial of service vulnerability. The issue is caused when an attacker sends a malformed value for nickname consisting of 0 Unicode characters to the server during the initial authentication process. The exploitation of this issue results in the all users receiving a "Connection expired" message before leading to a crash of the server.

Successful exploitation of this issue may allow an attacker to cause the software to crash or hang.

Medieval Total War versions 1.1 and prior are reported to be prone to this vulnerability. 

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/23231.zip