Vulnerabilities > CVE-2006-3325 - Multiple vulnerability in Quake 3

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
low complexity
id-software
exploit available
NVD
Published: 2006-06-30
Updated: 2018-10-18

Summary

client/cl_parse.c in the id3 Quake 3 Engine 1.32c and the Icculus Quake 3 Engine (ioquake3) revision 810 and earlier allows remote malicious servers to overwrite arbitrary write-protected cvars variables on the client, such as cl_allowdownload for Automatic Downloading and fs_homepath for the quake3 path, via a string of cvar names and values sent from the server. NOTE: this can be combined with another vulnerability to overwrite arbitrary files.

Vulnerable Configurations

Part Description Count
Application
Id_Software
11

Exploit-Db

  • descriptionQuake 3 Engine Client CS_ITEMS Remote Overflow Exploit (Win32). CVE-2006-3325,CVE-2006-3401. Dos exploit for windows platform
    fileexploits/windows_x86/dos/1977.cpp
    idEDB-ID:1977
    last seen2016-01-31
    modified2006-07-02
    platformwindows_x86
    port
    published2006-07-02
    reporterRunningBon
    sourcehttps://www.exploit-db.com/download/1977/
    titleQuake 3 Engine Client CS_ITEms Remote Overflow Exploit Win32
    typedos
  • descriptionQuake 3 Engine Client CG_ServerCommand() Remote Overflow Exploit. CVE-2006-3324,CVE-2006-3325,CVE-2006-3400. Dos exploit for windows platform
    fileexploits/windows/dos/1976.cpp
    idEDB-ID:1976
    last seen2016-01-31
    modified2006-07-02
    platformwindows
    port
    published2006-07-02
    reporterRunningBon
    sourcehttps://www.exploit-db.com/download/1976/
    titleQuake 3 Engine Client CG_ServerCommand Remote Overflow Exploit
    typedos

References