[原文]The enet_protocol_handle_send_fragment function in protocol.c for ENet library CVS version Jul 2005 and earlier, as used in products including (1) Cube, (2) Sauerbraten, and (3) Duke3d_w32, allows remote attackers to cause a denial of service (application crash) via a packet fragment with a large total data size, which triggers an application abort when memory allocation fails.
ENet Library enet_host_service Fragmented Packet Data Allocation DoS
Remote / Network Access
Denial of Service,
Loss of Availability
ENet Library contains a flaw that may allow a remote denial of service. The issue is triggered when the enet_host_service tries to reassemble fragmented packets with an overly large total data size value, and will result in loss of availability for the service.
Currently, there are no known upgrades, patches, or workarounds available to correct this issue.