Netrek Vanilla Server EVENTLOG格式串处理漏洞

Netrek Vanilla Server是一个开源软件包，可为Netrek客户端提供多玩家战斗模拟服务。 Netrek Vanilla Server在特定配置情况下存在格式串处理漏洞，远程攻击者可能利用此漏洞控制服务器。 如果在etc/sysdef文件中EVENTLOG=1的话（默认EVENTLOG=0），服务器在处理消息时就可能出现格式串错误。远程攻击者可以通过向服务器发送恶意消息导致拒绝服务或执行任意指令。 Netrek Vanilla Server 2.12 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://www.netrek.org/...

Netrek 2.12.0 pmessage2() Remote Limited Format String Exploit

No description provided by source. Luigi Auriemma Application: Netrek http://www.netrek.org Versions: = 2.12.0 Vanilla server Platforms: nix and Windows Bug: format string Exploitation: remote in-game Date: 02 Mar 2007 Author: Luigi Auriemma e-mail: [email protected] web: aluigi.org 1...

Format string

Format string vulnerability in the newwarning function in ntserv/warning.c for Netrek Vanilla Server 2.12.0, when EVENTLOG is enabled, allows remote attackers to cause a denial of service crash or execute arbitrary code via format string specifiers in the message handling...

CVE-2007-1251

Format string vulnerability in the newwarning function in ntserv/warning.c for Netrek Vanilla Server 2.12.0, when EVENTLOG is enabled, allows remote attackers to cause a denial of service crash or execute arbitrary code via format string specifiers in the message handling...

CVE-2007-1251

Netrek Vanilla Server 2.12.0 is affected by a format string vulnerability in ntserv/warning.c (new_warning) when EVENTLOG is enabled. The issue allows remote attackers to crash the server or potentially execute arbitrary code via format string specifiers in message handling. The available sources...

CVE-2007-1251

Format string vulnerability in the newwarning function in ntserv/warning.c for Netrek Vanilla Server 2.12.0, when EVENTLOG is enabled, allows remote attackers to cause a denial of service crash or execute arbitrary code via format string specifiers in the message handling...

Netrek 2.12.0 - 'pmessage2()' Remote Limited Format String

Luigi Auriemma Application: Netrek http://www.netrek.org Versions: = 2.12.0 Vanilla server Platforms: nix and Windows Bug: format string Exploitation: remote in-game Date: 02 Mar 2007 Author: Luigi Auriemma e-mail: [email protected] web: aluigi.org 1 Introduction 2 Bug 3 The Code 4 Fix...

Netrek 2.12.0 pmessage2() Remote Limited Format String Exploit

Exploit for unknown platform in category dos / poc ============================================================== Netrek 2.12.0 pmessage2 Remote Limited Format String Exploit ============================================================== Luigi Auriemma Application: Netrek http://www.netrek.org...

Netrek 2.12.0 - pmessage2() Remote Limited Format String

Netrek 2.12.0 - pmessage2 Remote Limited Format String Luigi Auriemma Application: Netrek http://www.netrek.org Versions: = 2.12.0 Vanilla server Platforms: nix and Windows Bug: format string Exploitation: remote in-game Date: 02 Mar 2007 Author: Luigi Auriemma e-mail: [email protected] web:...