CVE-2006-4126

DConnect Daemon <= 0.7.0 - Denial of Service via Null Pointer Dereference in dc_chat Function

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-4126. PoCs published by Luigi Auriemma.

AI-analyzed exploit summary The provided text describes a denial-of-service vulnerability in DConnect Daemon versions 0.7.0 and prior, caused by improper handling of null-pointer exceptions. No actual exploit code is included, only a reference to a binary exploit hosted elsewhere.

Description

The dc_chat function in cmd.dc.c in DConnect Daemon 0.7.0 and earlier allows remote attackers to cause a denial of service (application crash) by sending a client message before providing the nickname, which triggers a null pointer dereference.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Luigi Auriemma · textdosmultiple

https://www.exploit-db.com/exploits/28345

View Code ZIP pw:eip

The provided text describes a denial-of-service vulnerability in DConnect Daemon versions 0.7.0 and prior, caused by improper handling of null-pointer exceptions. No actual exploit code is included, only a reference to a binary exploit hosted elsewhere.

Classification

Writeup 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Theoretical

Target: DConnect Daemon <= 0.7.0

No auth needed

Prerequisites: Network access to the vulnerable DConnect Daemon

MITRE ATT&CK