Vulnerabilities > CVE-2007-4426 - Unspecified vulnerability in Live for Speed Live for Speed S1/S2
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Live for Speed (LFS) S1 and S2 allows remote attackers to cause a denial of service (server crash) via (1) a certain 0x00 byte in a pre-login ID 3 packet, which triggers a NULL dereference; or (2) a pre-login ID 5 packet that lacks certain strings, which triggers an invalid pointer dereference.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
References
- http://aluigi.altervista/adv/lfsbof-adv.txt
- http://aluigi.altervista/adv/lfsbof-adv.txt
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065265.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065265.html
- http://secunia.com/advisories/26569
- http://secunia.com/advisories/26569
- http://securityreason.com/securityalert/3030
- http://securityreason.com/securityalert/3030
- http://www.securityfocus.com/archive/1/476516/100/0/threaded
- http://www.securityfocus.com/archive/1/476516/100/0/threaded
- http://www.vupen.com/english/advisories/2007/2975
- http://www.vupen.com/english/advisories/2007/2975
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36019
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36019
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36020
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36020