Vulnerabilities > CVE-2005-3487 - Multiple vulnerability in Scorched 3D Scorched 3D 39.1
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Multiple buffer overflows in Scorched 3D 39.1 (bf) and earlier allow remote attackers to execute arbitrary code via various (1) GLConsole::addLine, (2) ServerCommon::sendString, (3) ServerCommon::serverLog functions, (4) a long command that is not properly handled in ComsMessageHandler.cpp when generating an error message, (5) a long UniqueID value in Logger.cpp, and possibly other unspecified vectors.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | Scorched 3D <= 39.1 Multiple Vulnerabilities (All-in-One) (PoC). CVE-2005-3486,CVE-2005-3487,CVE-2005-3488. Dos exploit for windows platform |
id | EDB-ID:1285 |
last seen | 2016-01-31 |
modified | 2005-11-02 |
published | 2005-11-02 |
reporter | Luigi Auriemma |
source | https://www.exploit-db.com/download/1285/ |
title | Scorched 3D <= 39.1 - Multiple Vulnerabilities All-in-One PoC |
Nessus
NASL family | Gentoo Local Security Checks |
NASL id | GENTOO_GLSA-200511-12.NASL |
description | The remote host is affected by the vulnerability described in GLSA-200511-12 (Scorched 3D: Multiple vulnerabilities) Luigi Auriemma discovered multiple flaws in the Scorched 3D game server, including a format string vulnerability and several buffer overflows. Impact : A remote attacker can exploit these vulnerabilities to crash a game server or execute arbitrary code with the rights of the game server user. Users not running a Scorched 3D game server are not affected by these flaws. Workaround : There is no known workaround at this time. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 20233 |
published | 2005-11-21 |
reporter | This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/20233 |
title | GLSA-200511-12 : Scorched 3D: Multiple vulnerabilities |
code |
|
References
- http://aluigi.altervista.org/adv/scorchbugs-adv.txt
- http://marc.info/?l=full-disclosure&m=113095941031946&w=2
- http://secunia.com/advisories/17423
- http://www.gentoo.org/security/en/glsa/glsa-200511-12.xml
- http://www.osvdb.org/20468
- http://www.osvdb.org/20469
- http://www.securityfocus.com/bid/15292
- http://www.vupen.com/english/advisories/2005/2288