Ratbag data length denial of service

ratbag-data-length-dos (15188) The risk level is classified as Medium Risk

Description:

Multiple games developed by Ratbag, including Dirt Track Racing, Dirt Track Racing Australia, Leadfoot, Dirt Track Racing Sprint Cars, Dirt Track Racing 2, and World of Outlaws Sprint Cars, are vulnerable to a denial of service attack caused by the way the server handles the value that identifies the length of the data. If a remote attacker sends less data than the amount previously specified, the server enters an infinite loop and consumes 100% of the available CPU resources.
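
The failure described above comes from waiting for a declared number of bytes without bounding the wait. The following C code is an added example, not part of the original entry and not Ratbag's code: it reads a declared length under one overall deadline and sleeps in poll() instead of re-checking the socket. The names read_exact, demo and the RD_* codes, and the 200 ms timeout, are assumptions made for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <poll.h>
#include <sys/socket.h>
#include <time.h>
#include <unistd.h>

enum { RD_OK = 0, RD_TIMEOUT = -1, RD_CLOSED = -2, RD_ERROR = -3 };
static long now_ms(void) {
    struct timespec ts;
    clock_gettime(CLOCK_MONOTONIC, &ts);
    return ts.tv_sec * 1000L + ts.tv_nsec / 1000000L;
}

/* Added example (hypothetical names, not Ratbag's code): read exactly `want`
 * bytes, sleeping in poll() under one overall deadline instead of spinning. */
int read_exact(int fd, unsigned char *buf, size_t want, int timeout_ms) {
    size_t got = 0;
    long deadline = now_ms() + timeout_ms;
    while (got < want) {
        long left = deadline - now_ms();
        if (left <= 0) return RD_TIMEOUT;      /* less data than declared */
        struct pollfd p = { .fd = fd, .events = POLLIN };
        int r = poll(&p, 1, (int)left);        /* blocks without using CPU */
        if (r < 0 && errno != EINTR) return RD_ERROR;
        if (r <= 0) continue;                  /* expiry is caught at loop top */
        ssize_t n = recv(fd, buf + got, want - got, MSG_DONTWAIT);
        if (n == 0) return RD_CLOSED;          /* peer closed mid-message */
        if (n < 0 && errno != EAGAIN && errno != EWOULDBLOCK && errno != EINTR)
            return RD_ERROR;
        if (n > 0) got += (size_t)n;
    }
    return RD_OK;
}

/* Constructed demo: the peer declares `declared` bytes but sends `sent`. */
int demo(size_t declared, size_t sent, int close_peer, int timeout_ms) {
    unsigned char out[64] = {0}, in[64];
    int sv[2], rc;
    if (declared > sizeof in || sent > sizeof out) return RD_ERROR;
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0) return RD_ERROR;
    rc = write(sv[0], out, sent) == (ssize_t)sent ? RD_OK : RD_ERROR;
    if (close_peer) shutdown(sv[0], SHUT_WR);
    if (rc == RD_OK) rc = read_exact(sv[1], in, declared, timeout_ms);
    close(sv[0]); close(sv[1]);
    return rc;
}

int main(void) { return demo(16, 4, 0, 200) == RD_TIMEOUT ? 0 : 1; }
```

A caller that receives RD_TIMEOUT or RD_CLOSED should drop the connection, which frees the server from a peer that never completes its message.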


Consequences:

Denial of Service

Remedy:

No remedy available as of September 1, 2014.

References:

  • BugTraq Mailing List, Wed Feb 11 2004 - 16:07:09 CST : Denial of Service in Ratbag's game engine.
  • Midway Web site: Midway Home.
  • BID-9644: Ratbag Game Engine Denial of Service Vulnerability
  • CVE-2004-0278: Ratbag game engine, as used in products such as Dirt Track Racing, Leadfoot, and World of Outlaws Sprint Cars, allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet that specifies the length of data to read and then sends a second TCP packet that contains less data than specified, which causes Ratbag to repeatedly check the socket for more data.
  • OSVDB ID: 6618: Ratbag Game Engine TCP Socket Read DoS

Platforms Affected:

  • Ratbag Games Dirt Track Racing 1.03 and prior
  • Ratbag Games Dirt Track Racing 2
  • Ratbag Games Dirt Track Racing Australia
  • Ratbag Games Dirt Track Racing Sprint Cars 1.01 and prior
  • Ratbag Games Leadfoot
  • Ratbag Games World of Outlaws Sprint Cars

Reported:

Feb 11, 2004

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@us.ibm.com
