Vulnerabilities > CVE-2007-4448 - Unspecified vulnerability in Toribash
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The server in Toribash 2.71 and earlier does not properly handle partially joined clients that are temporarily assigned the ID of -1, which allows remote attackers to cause a denial of service (daemon crash) via a GRIP command with the ID of -1.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
References
- http://aluigi.org/poc/toribashish.zip
- http://aluigi.org/poc/toribashish.zip
- http://secunia.com/advisories/26507
- http://secunia.com/advisories/26507
- http://securityreason.com/securityalert/3033
- http://securityreason.com/securityalert/3033
- http://www.securityfocus.com/archive/1/477025/100/0/threaded
- http://www.securityfocus.com/archive/1/477025/100/0/threaded
- http://www.securityfocus.com/bid/25359
- http://www.securityfocus.com/bid/25359
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36098
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36098