The client and server of Chaser 1.50 and earlier allow remote attackers to cause a denial of service (crash via exception) via a UDP packet with a length field that is greater than the actual data length, which causes Chaser to read unexpected memory.
Software | From | Fixed in |
---|---|---|
cauldron / chaser_client | 1.5 | 1.5.x |
cauldron / chaser_server | 1.4.9 | 1.4.9.x |
cauldron / chaser_server | 1.5 | 1.5.x |