Vulnerability in Sonic Robo Blast 2 (SRB2) Plugin Allows Remote Crash in Doomseeker

Vulnerability in Sonic Robo Blast 2 (SRB2) Plugin Allows Remote Crash in Doomseeker

CVE-2019-12968 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

A vulnerability was found in the Sonic Robo Blast 2 (SRB2) plugin (EP_Versions 9 to 11 inclusive) distributed with Doomseeker 1.1 and 1.2. Affected plugin versions did not discard IP packets with an unnaturally long response length from a Sonic Robo Blast 2 master server, allowing a remote attacker to cause a potential crash / denial of service in Doomseeker. The issue has been remediated in the Doomseeker 1.3 release with source code patches to the SRB2 plugin.

Learn more about our Cis Benchmark Audit For Server Software.