Multiple buffer overflows in the client in Toribash 2.71 and previous versions allow remote malicious users to (1) execute arbitrary code via a long game command in a replay (.rpl) file and (2) cause a denial of service (application crash) via a long SAY command that omits a required LF character; and allow remote Toribash servers to execute arbitrary code via (3) a long game command and (4) a long SAY command that omits a required LF character.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
toribash toribash |