CVE-2007-6103

I Hear U < 0.5.6 - Denial of Service via Malformed Packet Handling

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-6103. PoCs published by Luigi Auriemma.

AI-analyzed exploit summary The provided text describes multiple denial-of-service vulnerabilities in I Hear U prior to version 0.5.7, caused by mishandling of crafted packets. No actual exploit code is present; it is a vulnerability summary with a reference link.

Description

I Hear U (IHU) 0.5.6 and earlier allows remote attackers to cause (1) a denial of service (infinite loop) via a packet that contains zero in the size field in its header, which is improperly handled by the Receiver::processPacket function; and (2) a denial of service (daemon crash) via an (a) IHU_INFO_INIT or a (b) IHU_INFO_RING packet that does not specify the mode, which is improperly handled by the Player::ring function in Player.cpp.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Luigi Auriemma · textdosmultiple

https://www.exploit-db.com/exploits/30791

View Code ZIP pw:eip

The provided text describes multiple denial-of-service vulnerabilities in I Hear U prior to version 0.5.7, caused by mishandling of crafted packets. No actual exploit code is present; it is a vulnerability summary with a reference link.

Classification

Writeup 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Theoretical

Target: I Hear U < 0.5.7

No auth needed

Prerequisites: Network access to the target application

MITRE ATT&CK