Vulnerabilities > CVE-2004-0238 - Local Buffer Overflow vulnerability in 0Verkill 0.16
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Multiple buffer overflows in Overkill (0verkill) 0.15pre3 might allow local users to execute arbitrary code in the client via a long HOME environment variable in the (1) load_cfg and (2) save_cfg functions; possibly allow remote attackers to execute arbitrary code via long strings to (3) the send_message function; and, in the server, via (4) the parse_command_line function.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | 0verkill 0.16 Game Client Multiple Local Buffer Overflow Vulnerabilities. CVE-2004-0238. Local exploit for linux platform |
id | EDB-ID:23634 |
last seen | 2016-02-02 |
modified | 2004-02-02 |
published | 2004-02-02 |
reporter | pi3ki31ny |
source | https://www.exploit-db.com/download/23634/ |
title | 0verkill 0.16 - Game Client Multiple Local Buffer Overflow Vulnerabilities |
References
- http://lists.grok.org.uk/pipermail/full-disclosure/2004-February/016579.html
- http://marc.info/?l=bugtraq&m=107577335424509&w=2
- http://www.securiteam.com/securitynews/5AP010KC0C.html
- http://www.securityfocus.com/bid/9550
- https://exchange.xforce.ibmcloud.com/vulnerabilities/14999
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15000