header-logo
Suggest Exploit
vendor:
Roger Wilco Server
by:
Unknown
7.5
CVSS
HIGH
Audio stream handling vulnerability
Unknown
CWE
Product Name: Roger Wilco Server
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: NO
Related CWE:
CPE: Unknown
Metasploit:
Other Scripts:
Platforms Tested: Unknown
Unknown

Vulnerability in Roger Wilco Server

A user does not need to connect to the server over the TCP port to have UDP based audio streams handled. The attacker requires knowledge of user ID's connected to a target channel. By transmitting an audio stream to an affected server, it can be heard by all connected users without server administrator control.

Mitigation:

Unknown
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/10025/info

A vulnerability has been reported in the Roger Wilco Server, it is reported that a user does not need to connect to the server over the TCP port to have UDP based audio streams handled. Rather the attacker will require knowledge of user ID's connected to a target channel. Because the user ID's for a channel exist in a range of 0-127, the attacker may transmit an audio stream to an affected server that will be heard by all connected users, however the server administrator will have no control over disconnecting or muting this audio stream. 

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/23904.zip

Navigation

Suggest Exploit

Services By CQR