WorldSession::ReadAddonsInfo Denial of Service
Package
No package listed
Affected versions
branch 3.3.5 commit 37f69825c445f3c973172792e1abc0bdc9f02dde and earlier
Patched versions
branch 3.3.5 commit 86b516c3f27f155f267245fc27ae634a76bb1e2f and later
Impact
This vulnerability allows an attacker sending malicious packets to cause on worldserver executable high CPU usage, high amount of SQL queries and application crash.
It affects branch 3.3.5 only, it has no impact on master branch.
Patches
Users should update to at least 86b516c
Workarounds
There are no workarounds, users have to update to at least 86b516c .
References
#23215 (comment)
cd3d317
86b516c
For more information
If you have any questions or comments about this advisory: