CVE-2006-1102 - Remote vulnerability in Sauerbraten Cube and Sauerbraten
Attack vector | NETWORK |
Attack complexity | LOW |
Privileges required | NONE |
Confidentiality impact | NONE |
Integrity impact | NONE |
Availability impact | PARTIAL |
Summary
Sauerbraten 2006_02_28, as derived from the Cube engine, allows remote attackers to cause a denial of service (client exit) by forcing the server to change to a map (ogz) file whose name contains ".." sequences and has a certain length that prevents the addition of the ".ogz" extension.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | | 2 |
Exploit-Db
description | Sauerbraten <= 2006_02_28 Multiple BoF/Crash Vulnerabilities Exploit. CVE-2006-1100,CVE-2006-1101,CVE-2006-1102,CVE-2006-1103. Dos exploit for windows pla... |
id | EDB-ID:1559 |
last seen | 2016-01-31 |
modified | 2006-03-06 |
published | 2006-03-06 |
reporter | Luigi Auriemma |
source | https://www.exploit-db.com/download/1559/ |
title | Sauerbraten <= 2006_02_28 - Multiple BoF/Crash Vulnerabilities Exploit |
Nessus
NASL family | Gentoo Local Security Checks |
NASL id | GENTOO_GLSA-200603-10.NASL |
description | The remote host is affected by the vulnerability described in GLSA-200603-10 (Cube: Multiple vulnerabilities) Luigi Auriemma reported that Cube is vulnerable to a buffer overflow in the sgetstr() function (CVE-2006-1100) and that the sgetstr() and getint() functions fail to verify the length of the supplied argument, possibly leading to the access of invalid memory regions (CVE-2006-1101). Furthermore, he discovered that a client crashes when asked to load specially crafted mapnames (CVE-2006-1102). Impact : A remote attacker could exploit the buffer overflow to execute arbitrary code with the rights of the user running cube. An attacker could also exploit the other vulnerabilities to crash a Cube client or server, resulting in a Denial of Service. Workaround : Play solo games or restrict your multiplayer games to trusted parties. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 21048 |
published | 2006-03-13 |
reporter | This script is Copyright (C) 2006-2019 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/21048 |
title | GLSA-200603-10 : Cube: Multiple vulnerabilities |
References
- http://aluigi.altervista.org/adv/evilcube-adv.txt
- http://secunia.com/advisories/19110
- http://secunia.com/advisories/19111
- http://secunia.com/advisories/19199
- http://securityreason.com/securityalert/548
- http://www.gentoo.org/security/en/glsa/glsa-200603-10.xml
- http://www.securityfocus.com/archive/1/426865/100/0/threaded
- http://www.securityfocus.com/archive/1/426867/100/0/threaded
- http://www.securityfocus.com/bid/16986
- http://www.vupen.com/english/advisories/2006/0847
- http://www.vupen.com/english/advisories/2006/0848
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25086