CVE-2006-1100 - Remote vulnerability in Sauerbraten Cube and Sauerbraten
Attack vector | NETWORK |
Attack complexity | LOW |
Privileges required | NONE |
Confidentiality impact | PARTIAL |
Integrity impact | PARTIAL |
Availability impact | PARTIAL |
Summary
Buffer overflow in the sgetstr function in shared/cube.h in Sauerbraten 2006_02_28 and earlier, as derived from the Cube engine, allows remote attackers to execute arbitrary code via long streams of input data.
Vulnerable Configurations
Exploit-Db
description | Sauerbraten <= 2006_02_28 Multiple BoF/Crash Vulnerabilities Exploit. CVE-2006-1100,CVE-2006-1101,CVE-2006-1102,CVE-2006-1103. Dos exploit for windows pla... |
id | EDB-ID:1559 |
last seen | 2016-01-31 |
modified | 2006-03-06 |
published | 2006-03-06 |
reporter | Luigi Auriemma |
source | https://www.exploit-db.com/download/1559/ |
title | Sauerbraten <= 2006_02_28 - Multiple BoF/Crash Vulnerabilities Exploit |
Nessus
NASL family | Gentoo Local Security Checks |
NASL id | GENTOO_GLSA-200603-10.NASL |
description | The remote host is affected by the vulnerability described in GLSA-200603-10 (Cube: Multiple vulnerabilities) Luigi Auriemma reported that Cube is vulnerable to a buffer overflow in the sgetstr() function (CVE-2006-1100) and that the sgetstr() and getint() functions fail to verify the length of the supplied argument, possibly leading to the access of invalid memory regions (CVE-2006-1101). Furthermore, he discovered that a client crashes when asked to load specially crafted mapnames (CVE-2006-1102). Impact : A remote attacker could exploit the buffer overflow to execute arbitrary code with the rights of the user running cube. An attacker could also exploit the other vulnerabilities to crash a Cube client or server, resulting in a Denial of Service. Workaround : Play solo games or restrict your multiplayer games to trusted parties. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 21048 |
published | 2006-03-13 |
reporter | This script is Copyright (C) 2006-2019 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/21048 |
title | GLSA-200603-10 : Cube: Multiple vulnerabilities |
References
- http://aluigi.altervista.org/adv/evilcube-adv.txt
- http://cvs.sourceforge.net/viewcvs.py/sauerbraten/sauerbraten/src/shared/cube.h?r1=1.7&r2=1.8
- http://secunia.com/advisories/19110
- http://secunia.com/advisories/19111
- http://secunia.com/advisories/19199
- http://www.gentoo.org/security/en/glsa/glsa-200603-10.xml
- http://www.securityfocus.com/archive/1/426865/100/0/threaded
- http://www.securityfocus.com/archive/1/426867/100/0/threaded
- http://www.securityfocus.com/bid/16986
- http://www.vupen.com/english/advisories/2006/0847
- http://www.vupen.com/english/advisories/2006/0848
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25083