Vulnerabilities > CVE-2006-1402 - Buffer Overflow and Format String vulnerability in Csdoom 20050.7
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Buffer overflow in client/server Doom (csDoom) 0.7 and earlier allows remote attackers to (1) cause a denial of service via a long nickname or teamname to the SV_SetupUserInfo function or (2) execute arbitrary code via a long string sent when joining a match or a long chat message to the SV_BroadcastPrintf function.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
References
- http://aluigi.altervista.org/adv/csdoombof-adv.txt
- http://secunia.com/advisories/19389
- http://voxelsoft.com/csdoom/
- http://www.securityfocus.com/bid/17248
- http://www.vupen.com/english/advisories/2006/1105
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25448
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25449