Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4642

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2007-4642
Last Modified 05 Sep 2008 05:28:45
Published 31 Aug 2007 07:17:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-4642

Summary

Multiple buffer overflows in Doomsday (aka deng) 1.9.0-beta5.1 and earlier allow remote attackers to execute arbitrary code via a long chat (PKT_CHAT) message that is not properly handled by the (1) D_NetPlayerEvent function in d_net.c or the (2) Msg_Write function in net_msg.c, or (3) many commands that are not properly handled by the NetSv_ReadCommands function in d_netsv.c; or (4) cause a denial of service (daemon crash) via a chat (PKT_CHAT) message without a final '\0' character.

Vulnerable Systems

Application

  • Doomsday 1.9.0 Beta5.1


References

BID - 25483

BUGTRAQ - 20070829 Multiple vulnerabilities in Doomsday 1.9.0-beta5.1

SECUNIA - 26524

MISC - http://aluigi.org/poc/dumsdei.zip

MISC - http://aluigi.altervista.org/adv/dumsdei-adv.txt

XF - doomsday-netsvreadcommands-bo(36334)

XF - doomsday-msgwrite-bo(36333)

XF - doomsday-dnetplayerevent-bo(36332)

SREASON - 3084

GENTOO - GLSA-200802-02

SECUNIA - 28821

CONFIRM - http://bugs.gentoo.org/show_bug.cgi?id=190835


Last Updated: 27 May 2016 10:45:56