RarmaRadio Buffer Overflow Vulnerability in Network Settings Leading to Denial-of-Service
Vulnerability
A buffer overflow vulnerability has been identified in RarmaRadio version 2.72.3, specifically in the Server field of the Network settings. A local attacker can crash the application by entering an excessively long string: pasting a payload exceeding 4000 bytes into the Server field via the Settings menu and applying the change causes the application to crash.
Impact
Exploitation of this vulnerability leads to a denial-of-service condition, causing the application to crash.
Reproduction
To reproduce this vulnerability, first create a text file containing a payload of 4000 bytes. This can be done using a simple Python script that writes the payload to a file. After generating the payload, open RarmaRadio and navigate to 'Edit' > 'Settings' > 'Network'. In the 'Server' field, paste the contents of the text file. Once the payload is pasted, click 'OK' to apply the changes. The application will crash, demonstrating the denial-of-service condition caused by the buffer overflow.
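The bug class behind this report is a user-supplied settings string copied into a fixed-size buffer without a length check. The following C program is an added illustration of that pattern and of the corresponding fix; it is not RarmaRadio's code, and the buffer size, structure and function names are assumptions. The unsafe copy is shown only for contrast and is never invoked; the hardened setter rejects over-long input (such as a constructed 4000-byte string) instead of writing past the buffer.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical settings structure (assumption, not the real application). */
#define SERVER_FIELD_MAX 256

struct net_settings {
    char server[SERVER_FIELD_MAX];
    unsigned short port;
};

/* Unsafe pattern: unbounded copy into a fixed-size field. With a 4000-byte
   input this writes far past the end of s->server and corrupts the stack or
   heap, which typically ends in a crash. Shown for contrast only; not called. */
void set_server_unchecked(struct net_settings *s, const char *input)
{
    strcpy(s->server, input);
}

/* Bounded length scan so we never read further than we need to. */
static size_t bounded_len(const char *p, size_t max)
{
    size_t n = 0;
    while (n < max && p[n] != '\0')
        n++;
    return n;
}

/* Hardened pattern: validate the length before copying and refuse input that
   does not fit, rather than truncating silently. Returns 0 on success, -1 if
   the input is too long. */
int set_server_checked(struct net_settings *s, const char *input)
{
    size_t len = bounded_len(input, SERVER_FIELD_MAX);
    if (len >= SERVER_FIELD_MAX)
        return -1;                 /* too long: reject, do not overflow */
    memcpy(s->server, input, len + 1);  /* includes terminating NUL */
    return 0;
}

/* Constructed input: n bytes of 'A' followed by a NUL. Caller frees. */
char *make_long_input(size_t n)
{
    char *buf = malloc(n + 1);
    if (buf == NULL)
        return NULL;
    memset(buf, 'A', n);
    buf[n] = '\0';
    return buf;
}

/* Returns 1 if the hardened setter rejects an n-byte input, 0 if it accepts. */
int hardened_rejects(size_t n)
{
    struct net_settings s;
    char *in = make_long_input(n);
    int rc;
    if (in == NULL)
        return -1;
    memset(&s, 0, sizeof s);
    rc = set_server_checked(&s, in);
    free(in);
    return rc == -1;
}

/* Returns 1 if the hardened setter accepts `in` and stores it intact. */
int hardened_stores(const char *in)
{
    struct net_settings s;
    memset(&s, 0, sizeof s);
    if (set_server_checked(&s, in) != 0)
        return 0;
    return strcmp(s.server, in) == 0;
}

int main(void)
{
    printf("4000-byte input rejected: %d\n", hardened_rejects(4000));
    printf("short hostname stored:    %d\n", hardened_stores("radio.example"));
    return 0;
}
```

The point for a reviewer or developer is the check at the top of `set_server_checked`: the field has a fixed capacity, so the length of untrusted input is compared against that capacity before any byte is copied, and the error is reported to the caller so the UI can refuse the value.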
