EUVD-2006-1107

Malware in sbrugna...

Sauerbraten <= 2006_02_28 Multiple BoF/Crash Vulnerabilities Exploit

No description provided by source. / by Luigi Auriemma You NEED Enet for compiling this tool then remember -lenet http://enet.bespin.org / http://enet.cubik.org / include stdio.h include stdlib.h include string.h include time.h include enet/enet.h ifdef WIN32 include winsock.h / Header file used...

Integer overflow

Integer signedness error in the enetprotocolhandleincomingcommands function in protocol.c for ENet library CVS version Jul 2005 and earlier, as used in products including 1 Cube, 2 Sauerbraten, and 3 Duke3dw32, allows remote attackers to cause a denial of service application crash via a packet wi...

CVE-2006-1194

The CVE-2006-1194 entry concerns an integer signedness error in the ENet library’s enet_protocol_handle_incoming_commands (protocol.c) affecting CVS-version Jul 2005 and earlier. It is used by products including Cube, Sauerbraten, and Duke3d_w32. The flaw allows a remote attacker to cause an appl...

Null pointer dereference

engine/server.cpp in Sauerbraten 20060228, as derived from the Cube engine, allows remote attackers to cause a denial of service segmentation fault via a client that does not completely join the game and times out, which results in a null pointer dereference...

Design/Logic Flaw

Sauerbraten 20060228, as derived from the Cube engine, allows remote attackers to cause a denial of service client exit by forcing the server to change to a map ogz file whose name contains ".." sequences and has a certain length that prevents the addition of the ".ogz" extension...

Out-of-bounds

The 1 sgetstr and 2 getint functions in Sauerbraten 20060228, as derived from the Cube engine, allow remote attackers to cause a denial of service segmentation fault via long streams of input data that trigger an out-of-bounds read, as demonstrated using SVEXT tag data in the Cube engine, which i...

Buffer overflow

Buffer overflow in the sgetstr function in shared/cube.h in Sauerbraten 20060228 and earlier, as derived from the Cube engine, allows remote attackers to execute arbitrary code via long streams of input data...

CVE-2006-1101

The 1 sgetstr and 2 getint functions in Sauerbraten 20060228, as derived from the Cube engine, allow remote attackers to cause a denial of service segmentation fault via long streams of input data that trigger an out-of-bounds read, as demonstrated using SVEXT tag data in the Cube engine, which i...

CVE-2006-1103

engine/server.cpp in Sauerbraten 20060228, as derived from the Cube engine, allows remote attackers to cause a denial of service segmentation fault via a client that does not completely join the game and times out, which results in a null pointer dereference...

CVE-2006-1102

Sauerbraten 20060228, as derived from the Cube engine, allows remote attackers to cause a denial of service client exit by forcing the server to change to a map ogz file whose name contains ".." sequences and has a certain length that prevents the addition of the ".ogz" extension...

CVE-2006-1100

Buffer overflow in the sgetstr function in shared/cube.h in Sauerbraten 20060228 and earlier, as derived from the Cube engine, allows remote attackers to execute arbitrary code via long streams of input data...

CVE-2006-1100

Buffer overflow in the sgetstr function in shared/cube.h in Sauerbraten 20060228 and earlier, as derived from the Cube engine, allows remote attackers to execute arbitrary code via long streams of input data...

CVE-2006-1102

Sauerbraten 20060228, as derived from the Cube engine, allows remote attackers to cause a denial of service client exit by forcing the server to change to a map ogz file whose name contains ".." sequences and has a certain length that prevents the addition of the ".ogz" extension...

CVE-2006-1103

engine/server.cpp in Sauerbraten 20060228, as derived from the Cube engine, allows remote attackers to cause a denial of service segmentation fault via a client that does not completely join the game and times out, which results in a null pointer dereference...

CVE-2006-1101

The CVE-2006-1101 entry affects Cube (Sauerbraten 2006_02_28) via a failure to verify input length in sgetstr()/getint(), enabling remote attackers to trigger an out-of-bounds read and cause a denial of service. Connected advisories confirm the issue in Cube’s sgetstr and getint functions and not...

CVE-2006-1100

CVE-2006-1100 concerns a buffer overflow in the sgetstr function in shared/cube.h of Sauerbraten (Cube engine) before and including 2006-02-28. The vulnerability can be triggered by long input streams, potentially allowing a remote attacker to execute arbitrary code with the privileges of the run...

CVE-2006-1102

CVE-2006-1102 affects Cube-based Sauerbraten (2006_02_28) and is linked to a denial of service when a server is forced to load a map (.ogz) whose name contains ".." and a length that blocks appending the .ogz extension. OpenVAS/NVD entries confirm the issue exists; Gentoo GLSA-200603-10 documents...

CVE-2006-1101

The 1 sgetstr and 2 getint functions in Sauerbraten 20060228, as derived from the Cube engine, allow remote attackers to cause a denial of service segmentation fault via long streams of input data that trigger an out-of-bounds read, as demonstrated using SVEXT tag data in the Cube engine, which i...

CVE-2006-1103

CVE-2006-1103 affects Sauerbraten (engine/server.cpp, Sauerbraten 2006_02_28; derived from the Cube engine). The vulnerability allows a remote attacker to cause a denial of service (segmentation fault) when a client does not completely join the game and times out, triggering a null pointer derefe...