Published: 15/03/2006 Updated: 18/08/2021

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Buffer overflow in the SetUp function in socket/request.c in CrossFire 1.9.0 allows remote malicious users to execute arbitrary code via a long setup sound command, a different vulnerability than CVE-2006-1010.

Vulnerable Product	Search on Vulmon	Subscribe to Product
crossfire crossfire 1.9.0

A buffer overflow has been discovered in the crossfire game which allows remote attackers to execute arbitrary code For the old stable distribution (woody) this problem has been fixed in version 110-1woody2 For the stable distribution (sarge) this problem has been fixed in version 160dfsg1-4sarge2 For the unstable distribution (sid) this p ...

// crossfire-server <= 190 "SetUp()" remote buffer overflow // // exploit by landser - ihsahn at gmail com // vote shinuiorgil // #include <stdioh> #include <stdlibh> #include <stringh> #include <unistdh> #include <getopth> #include <arpa/ineth> #include <sys/typesh> #include <sys/s ...

Crossfire Server version 10 SetUp() remote buffer overflow exploit ...

NVD-CWE-Other http://www.securityfocus.com/bid/17093 http://secunia.com/advisories/19237 http://cvs.sourceforge.net/viewcvs.py/crossfire/crossfire/socket/request.c?rev=1.86&view=log http://www.debian.org/security/2006/dsa-1009 http://secunia.com/advisories/19276 http://www.osvdb.org/23904 http://www.vupen.com/english/advisories/2006/0951 https://exchange.xforce.ibmcloud.com/vulnerabilities/25252 https://www.exploit-db.com/exploits/1582 http://packetstormsecurity.com/files/163873/Crossfire-Server-1.0-Buffer-Overflow.html https://nvd.nist.gov https://www.debian.org/security/./dsa-1009 https://www.exploit-db.com/exploits/1582/

CVE-2006-1236

Vulnerability Summary

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect