Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4446

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2007-4446
Last Modified 05 Sep 2008 05:28:15
Published 20 Aug 2007 08:17:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-4446

Summary

Format string vulnerability in the server in Toribash 2.71 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the NICK command (client nickname) when entering a game.

Vulnerable Systems

Application

  • Toribash 2.71


References

BID - 25359

BUGTRAQ - 20070818 Multiple vulnerabilities in Toribash 2.71

SECUNIA - 26507

MISC - http://aluigi.org/poc/toribashish.zip

SREASON - 3033


Last Updated: 27 May 2016 10:45:52