CVE-2006-2413

GNUnet < 0.7.0d - Denial of Service via Empty UDP Datagram

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-2413. PoCs published by Luigi Auriemma.

AI-analyzed exploit summary This exploit sends an empty UDP packet to a vulnerable GNUnet service, causing a remote denial of service (DoS) due to improper handling of malformed packets. The exploit is simple and directly targets the UDP packet processing logic in GNUnet versions up to 0.7.0d.

Description

GNUnet before SVN revision 2781 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an empty UDP datagram, possibly involving FIONREAD errors.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Luigi Auriemma · textdoswindows

https://www.exploit-db.com/exploits/1792

View Code ZIP pw:eip

This exploit sends an empty UDP packet to a vulnerable GNUnet service, causing a remote denial of service (DoS) due to improper handling of malformed packets. The exploit is simple and directly targets the UDP packet processing logic in GNUnet versions up to 0.7.0d.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: GNUnet <= 0.7.0d

No auth needed

Prerequisites: Network access to the target's UDP port

MITRE ATT&CK