CVE-2006-0771

Format string vulnerability in PunkBuster 1.180 and earlier, as used by Soldier of Fortune II and possibly other games, allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via format string specifiers in invalid cvar values, which are not properly handled when the server kicks the player and records the reason.

CVSS v2.0 6.4 MEDIUM

6.4^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:P/A:P

Exploitability : 10.0 / Impact : 4.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://aluigi.altervista.org/adv/sof2pbfs-adv.txt
http://secunia.com/advisories/18917	Vendor Advisory
http://archives.neohapsis.com/archives/fulldisclosure/2006-02/0372.html
http://www.securityfocus.com/bid/16703
http://securityreason.com/securityalert/448
https://exchange.xforce.ibmcloud.com/vulnerabilities/24792
http://www.securityfocus.com/archive/1/425286/100/0/threaded

Configurations

Configuration 1 (hide)

cpe:2.3:a:even_balance:punkbuster:*:*:*:*:*:*:*:*

Information

Published : 2006-02-18 13:02

Updated : 2018-10-19 08:46

NVD link : CVE-2006-0771

Mitre link : CVE-2006-0771

JSON object : View

CWE

CWE-134

Use of Externally-Controlled Format String

Products Affected

even_balance

punkbuster

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://aluigi.altervista.org/adv/sof2pbfs-adv.txt", "name": "http://aluigi.altervista.org/adv/sof2pbfs-adv.txt", "tags": [], "refsource": "MISC"}, {"url": "http://secunia.com/advisories/18917", "name": "18917", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-02/0372.html", "name": "20060216 Soldier of Fortune II format string through PunkBuster 1.180", "tags": [], "refsource": "FULLDISC"}, {"url": "http://www.securityfocus.com/bid/16703", "name": "16703", "tags": [], "refsource": "BID"}, {"url": "http://securityreason.com/securityalert/448", "name": "448", "tags": [], "refsource": "SREASON"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24792", "name": "punkbuster-cvars-format-string(24792)", "tags": [], "refsource": "XF"}, {"url": "http://www.securityfocus.com/archive/1/425286/100/0/threaded", "name": "20060216 Soldier of Fortune II format string through PunkBuster 1.180", "tags": [], "refsource": "BUGTRAQ"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Format string vulnerability in PunkBuster 1.180 and earlier, as used by Soldier of Fortune II and possibly other games, allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via format string specifiers in invalid cvar values, which are not properly handled when the server kicks the player and records the reason."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-134"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2006-0771", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 6.4, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "severity": "MEDIUM", "impactScore": 4.9, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2006-02-18T21:02Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:even_balance:punkbuster:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "1.180"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2018-10-19T15:46Z"}

6.4 /10