40 matches found
EUVD-2007-4431
Malware in sbrugna...
EUVD-2007-4429
Malware in sbrugna...
EUVD-2007-4430
Malware in sbrugna...
EUVD-2007-4434
Malware in sbrugna...
EUVD-2007-4435
Malware in sbrugna...
EUVD-2007-4432
Malware in sbrugna...
EUVD-2007-4433
Malware in sbrugna...
Toribash 2.x - Multiple Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/25359/info Toribash is prone to multiple remote code-execution and denial-of-service vulnerabilities that affect game servers and clients. Seven vulnerabilties were reported. Attackers may exploit these issues to execute...
Toribash多个拒绝服务及远程代码执行漏洞
BUGTRAQ ID: 25359 Toribash是一款流行的格斗游戏。 Toribash中存在多个远程漏洞,远程攻击者可能利用这些漏洞控制服务器。 --------------------------------- A 专用服务器格式串漏洞 --------------------------------- 如果客户端在加入游戏的时候直接向vfprintf发送了包含有BOUT ID; 1 0 0 0 0 0 NICKNAME 0的格式串,就可能导致服务器崩溃或执行任意指令。 ---------------------------------- B 客户端命令缓冲区溢出...
Command injection
The client in Toribash 2.71 and earlier allows remote attackers to cause a denial of service disconnection via a long 1 emote or 2 SPEC command...
Format string
Format string vulnerability in the server in Toribash 2.71 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the NICK command client nickname when entering a game...
Design/Logic Flaw
The server in Toribash 2.71 and earlier does not properly handle long commands, which allows remote attackers to trigger a protocol violation in which data is sent to other clients without a required LF character, as demonstrated by a SAY command. NOTE: the security impact of this violation is no...
CVE-2007-4446
Format string vulnerability in the server in Toribash 2.71 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the NICK command client nickname when entering a game...
CVE-2007-4447
Multiple buffer overflows in the client in Toribash 2.71 and earlier allow remote attackers to 1 execute arbitrary code via a long game command in a replay .rpl file and 2 cause a denial of service application crash via a long SAY command that omits a required LF character; and allow remote...
Buffer overflow
Multiple buffer overflows in the client in Toribash 2.71 and earlier allow remote attackers to 1 execute arbitrary code via a long game command in a replay .rpl file and 2 cause a denial of service application crash via a long SAY command that omits a required LF character; and allow remote...
CVE-2007-4448
The server in Toribash 2.71 and earlier does not properly handle partially joined clients that are temporarily assigned the ID of -1, which allows remote attackers to cause a denial of service daemon crash via a GRIP command with the ID of -1...
CVE-2007-4449
The client in Toribash 2.71 and earlier allows remote attackers to cause a denial of service application hang via a command without an LF character, as demonstrated by a SAY command...
Command injection
The client in Toribash 2.71 and earlier allows remote attackers to cause a denial of service application hang via a command without an LF character, as demonstrated by a SAY command...
CVE-2007-4452
The client in Toribash 2.71 and earlier allows remote attackers to cause a denial of service disconnection via a long 1 emote or 2 SPEC command...
CVE-2007-4451
The server in Toribash 2.71 and earlier on Windows allows remote attackers to cause a denial of service continuous beep and server hang via certain commands that contain many 0x07 or other invalid characters...