Vulnerabilities > CVE-2004-0735 - Remote Buffer Overflow vulnerability in Medal Of Honor Allied Assault
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Buffer overflow in Medal of Honor (1) Allied Assault 1.11v9 and earlier, (2) Breakthrough 2.40b and earlier, and (3) Spearhead 2.15 and earlier, when playing on a Local Area Network (LAN), allows remote attackers to execute arbitrary code via vectors such as (1) the getinfo query, (2) the connect packet, and other unknown vectors.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 5 |
Exploit-Db
description Medal of Honor Remote Buffer Overflow Vulnerability. CVE-2004-0735. Dos exploit for windows platform id EDB-ID:357 last seen 2016-01-31 modified 2004-07-20 published 2004-07-20 reporter Luigi Auriemma source https://www.exploit-db.com/download/357/ title Medal of Honor Remote Buffer Overflow Vulnerability description Medal Of Honor Allied Assault getinfo Stack Buffer Overflow. CVE-2004-0735. Remote exploit for windows platform id EDB-ID:16695 last seen 2016-02-02 modified 2010-05-09 published 2010-05-09 reporter metasploit source https://www.exploit-db.com/download/16695/ title Medal Of Honor Allied Assault getinfo Stack Buffer Overflow description Medal of Honor Spearhead Server Remote Buffer Overflow (Linux). CVE-2004-0735. Remote exploit for linux platform id EDB-ID:826 last seen 2016-01-31 modified 2005-02-18 published 2005-02-18 reporter millhouse source https://www.exploit-db.com/download/826/ title Medal of Honor Spearhead Server Remote Buffer Overflow Linux
Metasploit
description | This module exploits a stack based buffer overflow in the getinfo command of Medal Of Honor Allied Assault. |
id | MSF:EXPLOIT/WINDOWS/GAMES/MOHAA_GETINFO |
last seen | 2020-03-11 |
modified | 2017-07-24 |
published | 2008-10-07 |
references | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0735 |
reporter | Rapid7 |
source | https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/games/mohaa_getinfo.rb |
title | Medal of Honor Allied Assault getinfo Stack Buffer Overflow |
Nessus
NASL family | Gain a shell remotely |
NASL id | MEDALOFHONOR_BOF.NASL |
description | The remote host was running the Medal of Honor game server. The version installed on the remote host is vulnerable to a remote attack that allows for arbitrary code execution. Note that Nessus has disabled this service in testing for this flaw. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 14243 |
published | 2004-08-10 |
reporter | This script is Copyright (C) 2004-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/14243 |
title | Medal of Honor Multiple Remote Overflows |
Packetstorm
data source | https://packetstormsecurity.com/files/download/82984/mohaa_getinfo.rb.txt |
id | PACKETSTORM:82984 |
last seen | 2016-12-05 |
published | 2009-11-26 |
reporter | Jacopo Cervini |
source | https://packetstormsecurity.com/files/82984/Medal-Of-Honor-Allied-Assault-getinfo-Stack-Overflow.html |
title | Medal Of Honor Allied Assault getinfo Stack Overflow |