Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1010

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2006-1010
Last Modified 07 Mar 2011 09:31:36
Published 06 Mar 2006 04:02:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-1010

Summary

Buffer overflow in socket/request.c in CrossFire before 1.9.0, when oldsocketmode is enabled, allows remote attackers to cause a denial of service (segmentation fault) and possibly execute code by sending the server a large request.

Vulnerable Systems

Application

  • Crossfire 1.7.0

  • Crossfire 1.8.0


References

XF - crossfire-oldsocketmode-bo(24932)

SECUNIA - 19044

CONFIRM - http://cvs.sourceforge.net/viewcvs.py/crossfire/crossfire/socket/request.c?r1=1.80&r2=1.81

VUPEN - ADV-2006-0760

MISC - http://aluigi.altervista.org/poc/crossfirebof.zip

BID - 16883

OSVDB - 23549

GENTOO - GLSA-200604-11

DEBIAN - DSA-1001

SECUNIA - 19785

SECUNIA - 19194


Last Updated: 27 May 2016 10:41:52