Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-6704

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2008-6704
Last Modified 25 Apr 2009 01:40:48
Published 10 Apr 2009 06:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-6704

Summary

Integer overflow in the NET_Compressor::Decompress function in S.T.A.L.K.E.R.: Shadow of Chernobyl 1.0006 and earlier allows remote attackers to cause a denial of service (server crash) via a crafted packet with a 0xc1 value that contains no compressed data, which triggers a copy of a large amount of memory.

Vulnerable Systems

Application

  • Stalker-game S.t.a.l.k.e.r.%3a Shadow Of Chernobyl 1.0006


References

XF - stalker-netcompressor-overflow(43456)

BID - 29997

BUGTRAQ - 20080628 Multiple vulnerabilities in S.T.A.L.K.E.R. 1.0006

SECUNIA - 30891

OSVDB - 46627

MISC - http://aluigi.altervista.org/adv/stalker39x-adv.txt


Last Updated: 27 May 2016 10:49:18