Name: Dr. Anuus 2025-03-29 8:09
Scientists recently discovered a yet another critical vulnerability that affects the majority of the implementations of RLTP (the Reverse Lout Tsking Protocol). That vulnerability allows an attacker to gain the privileges of a dubber without being one herself. This is caused by the implementations not checking the post ID field and simply trusting the dubs field. RLTP is a very old protocol that carries a lot of deprecated and rarely used features of an older era, in addition to not not being webscale. Experts are advising to move to the newer PPP (the Penis Punischment Protocol, developed by the RedCream institute) but many of the older RLTP users refuse to make the change due to PPP's support for images.
RFC: 6503
REVERSE LOUT TSKING PROTOCOL
DERP INTERNET PROGRAM
PROTOCOL SPECIFICATION
September 1981
prepared for
tinychan /prog/ bulletin board system poastings
Rude Lout Control Office
/prog/ @ tinychan
dis, tinychan, 00000
by
Information Sciences Institute
University of Pumblenuts
September 1981
0 1
0 1 2 3 4 5 6 7 8 9 A B C D E F 0 1 2 3 4 5 6 7 8 9 A B C D E F
+-----+---------------+---------+-----------------------------+
| ver | request code | label | length |
+-+-+-+-+-+-+-+-+-----+---------+-----------------------------+
|T|R|U|B|O|I|L|D|identification | sequence number |
+-+-+-+-+-+-+-+-+---------------+---------------+-------------+
| thread ID | post ID | name |
+-------------------------------+---------------+-------------+
| |
= POASTINGS =
| |
+-------------------------------------------------------------+
| checksum |
+-------------------------------------------------------------+
RLTP Header Format
Flags:
T - tsk
B - belligerent
R - rude
U - uncouth
O - obtuse
I - ill-mannered
L - loutlike
D - dubs