Mocha Telnet Lite Denial-of-Service Vulnerability
Vulnerability
A denial-of-service vulnerability has been identified in Mocha Telnet Lite for iOS, specifically in version 4.2. This vulnerability allows attackers to crash the application by manipulating the user configuration input. By overwriting the 'User' field with 350 bytes of repeated characters, the application can be forced to crash, disrupting normal functionality.
Impact
Exploiting this vulnerability leads to a crash of the Mocha Telnet Lite application, causing a denial-of-service condition where the app becomes unresponsive and fails to function normally.
Reproduction
To reproduce this vulnerability, first run a Python script that generates a buffer of 350 bytes of repeated characters. Copy this buffer into the clipboard, then open Mocha Telnet Lite for iOS. Navigate to the configuration settings and create a new configuration. Paste the buffered characters into the 'User' field, enter a password, and then attempt to connect. The application will crash shortly after.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.