Vulnerabilities > CVE-2006-3790 - Remote vulnerability in UFO2000
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
The decode_stringmap function in server_transport.cpp for UFO2000 svn 1057 allows remote attackers to cause a denial of service (daemon termination) via a keysize or valsize that is inconsistent with the packet size, which leads to a buffer over-read.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Nessus
NASL family | Gentoo Local Security Checks |
NASL id | GENTOO_GLSA-200702-10.NASL |
description | The remote host is affected by the vulnerability described in GLSA-200702-10 (UFO2000: Multiple vulnerabilities) Five vulnerabilities were found: a buffer overflow in recv_add_unit(); a problem with improperly trusting user-supplied string information in decode_stringmap(); several issues with array manipulation via various commands during play; a SQL injection in server_protocol.cpp; and finally, a second buffer overflow in recv_map_data(). Impact : An attacker could send crafted network traffic as part of a multi-player game that could result in remote code execution on the remote opponent or the server. A remote attacker could also run arbitrary SQL queries against the server account database, and perform a Denial of Service on a remote opponent by causing the game to crash. Workaround : There is no known workaround at this time. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 24722 |
published | 2007-02-27 |
reporter | This script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/24722 |
title | GLSA-200702-10 : UFO2000: Multiple vulnerabilities |
code |
|
References
- http://aluigi.altervista.org/adv/ufo2ko-adv.txt
- http://secunia.com/advisories/21091
- http://secunia.com/advisories/24297
- http://securityreason.com/securityalert/1259
- http://securitytracker.com/id?1016503
- http://svn.sourceforge.net/viewcvs.cgi/ufo2000/trunk/src/server_transport.cpp?view=log
- http://www.gentoo.org/security/en/glsa/glsa-200702-10.xml
- http://www.securityfocus.com/archive/1/440293/100/0/threaded
- http://www.securityfocus.com/bid/19035
- http://www.vupen.com/english/advisories/2006/2837
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27800