Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
8 vulnerabilities found for doomsday by doomsday
CVE-2007-4644 (GCVE-0-2007-4644)
Vulnerability from nvd – Published: 2007-08-31 23:00 – Updated: 2024-08-07 15:01
VLAI
EPSS
VEX
Summary
Format string vulnerability in the Cl_GetPackets function in cl_main.c in the client in Doomsday (aka deng) 1.9.0-beta5.1 and earlier allows remote Doomsday servers to execute arbitrary code via format string specifiers in a PSV_CONSOLE_TEXT message.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://securityreason.com/securityalert/3084 | third-party-advisoryx_refsource_SREASON |
| http://secunia.com/advisories/28821 | third-party-advisoryx_refsource_SECUNIA |
| http://bugs.gentoo.org/show_bug.cgi?id=190835 | x_refsource_CONFIRM |
| http://secunia.com/advisories/26524 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/archive/1/478077/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/25483 | vdb-entryx_refsource_BID |
| http://security.gentoo.org/glsa/glsa-200802-02.xml | vendor-advisoryx_refsource_GENTOO |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://aluigi.org/poc/dumsdei.zip | x_refsource_MISC |
Date Public
2007-08-29 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:01:09.977Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3084",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3084"
},
{
"name": "28821",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28821"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=190835"
},
{
"name": "26524",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26524"
},
{
"name": "20070829 Multiple vulnerabilities in Doomsday 1.9.0-beta5.1",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/478077/100/0/threaded"
},
{
"name": "25483",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25483"
},
{
"name": "GLSA-200802-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200802-02.xml"
},
{
"name": "doomsday-clgetpackets-format-string(36337)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36337"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.org/poc/dumsdei.zip"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-08-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in the Cl_GetPackets function in cl_main.c in the client in Doomsday (aka deng) 1.9.0-beta5.1 and earlier allows remote Doomsday servers to execute arbitrary code via format string specifiers in a PSV_CONSOLE_TEXT message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "3084",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3084"
},
{
"name": "28821",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28821"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=190835"
},
{
"name": "26524",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26524"
},
{
"name": "20070829 Multiple vulnerabilities in Doomsday 1.9.0-beta5.1",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/478077/100/0/threaded"
},
{
"name": "25483",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25483"
},
{
"name": "GLSA-200802-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200802-02.xml"
},
{
"name": "doomsday-clgetpackets-format-string(36337)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36337"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.org/poc/dumsdei.zip"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4644",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in the Cl_GetPackets function in cl_main.c in the client in Doomsday (aka deng) 1.9.0-beta5.1 and earlier allows remote Doomsday servers to execute arbitrary code via format string specifiers in a PSV_CONSOLE_TEXT message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "3084",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3084"
},
{
"name": "28821",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28821"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=190835",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=190835"
},
{
"name": "26524",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26524"
},
{
"name": "20070829 Multiple vulnerabilities in Doomsday 1.9.0-beta5.1",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/478077/100/0/threaded"
},
{
"name": "25483",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25483"
},
{
"name": "GLSA-200802-02",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200802-02.xml"
},
{
"name": "doomsday-clgetpackets-format-string(36337)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36337"
},
{
"name": "http://aluigi.org/poc/dumsdei.zip",
"refsource": "MISC",
"url": "http://aluigi.org/poc/dumsdei.zip"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4644",
"datePublished": "2007-08-31T23:00:00.000Z",
"dateReserved": "2007-08-31T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:01:09.977Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4643 (GCVE-0-2007-4643)
Vulnerability from nvd – Published: 2007-08-31 23:00 – Updated: 2024-08-07 15:01
VLAI
EPSS
VEX
Summary
Integer underflow in Doomsday (aka deng) 1.9.0-beta5.1 and earlier allows remote attackers to cause a denial of service (daemon crash) via a PKT_CHAT packet with a data length less than 3, which triggers an erroneous malloc, possibly related to the Sv_HandlePacket function in sv_main.c.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://securityreason.com/securityalert/3084 | third-party-advisoryx_refsource_SREASON |
| http://secunia.com/advisories/28821 | third-party-advisoryx_refsource_SECUNIA |
| http://bugs.gentoo.org/show_bug.cgi?id=190835 | x_refsource_CONFIRM |
| http://secunia.com/advisories/26524 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/archive/1/478077/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/25483 | vdb-entryx_refsource_BID |
| http://security.gentoo.org/glsa/glsa-200802-02.xml | vendor-advisoryx_refsource_GENTOO |
| http://aluigi.org/poc/dumsdei.zip | x_refsource_MISC |
Date Public
2007-08-29 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:01:09.947Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "doomsday-svhandlepacket-underflow(36338)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36338"
},
{
"name": "3084",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3084"
},
{
"name": "28821",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28821"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=190835"
},
{
"name": "26524",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26524"
},
{
"name": "20070829 Multiple vulnerabilities in Doomsday 1.9.0-beta5.1",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/478077/100/0/threaded"
},
{
"name": "25483",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25483"
},
{
"name": "GLSA-200802-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200802-02.xml"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.org/poc/dumsdei.zip"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-08-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Integer underflow in Doomsday (aka deng) 1.9.0-beta5.1 and earlier allows remote attackers to cause a denial of service (daemon crash) via a PKT_CHAT packet with a data length less than 3, which triggers an erroneous malloc, possibly related to the Sv_HandlePacket function in sv_main.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "doomsday-svhandlepacket-underflow(36338)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36338"
},
{
"name": "3084",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3084"
},
{
"name": "28821",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28821"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=190835"
},
{
"name": "26524",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26524"
},
{
"name": "20070829 Multiple vulnerabilities in Doomsday 1.9.0-beta5.1",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/478077/100/0/threaded"
},
{
"name": "25483",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25483"
},
{
"name": "GLSA-200802-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200802-02.xml"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.org/poc/dumsdei.zip"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4643",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer underflow in Doomsday (aka deng) 1.9.0-beta5.1 and earlier allows remote attackers to cause a denial of service (daemon crash) via a PKT_CHAT packet with a data length less than 3, which triggers an erroneous malloc, possibly related to the Sv_HandlePacket function in sv_main.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "doomsday-svhandlepacket-underflow(36338)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36338"
},
{
"name": "3084",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3084"
},
{
"name": "28821",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28821"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=190835",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=190835"
},
{
"name": "26524",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26524"
},
{
"name": "20070829 Multiple vulnerabilities in Doomsday 1.9.0-beta5.1",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/478077/100/0/threaded"
},
{
"name": "25483",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25483"
},
{
"name": "GLSA-200802-02",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200802-02.xml"
},
{
"name": "http://aluigi.org/poc/dumsdei.zip",
"refsource": "MISC",
"url": "http://aluigi.org/poc/dumsdei.zip"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4643",
"datePublished": "2007-08-31T23:00:00.000Z",
"dateReserved": "2007-08-31T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:01:09.947Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4642 (GCVE-0-2007-4642)
Vulnerability from nvd – Published: 2007-08-31 23:00 – Updated: 2024-08-07 15:01
VLAI
EPSS
VEX
Summary
Multiple buffer overflows in Doomsday (aka deng) 1.9.0-beta5.1 and earlier allow remote attackers to execute arbitrary code via a long chat (PKT_CHAT) message that is not properly handled by the (1) D_NetPlayerEvent function in d_net.c or the (2) Msg_Write function in net_msg.c, or (3) many commands that are not properly handled by the NetSv_ReadCommands function in d_netsv.c; or (4) cause a denial of service (daemon crash) via a chat (PKT_CHAT) message without a final '\0' character.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
12 references
| URL | Tags |
|---|---|
| http://securityreason.com/securityalert/3084 | third-party-advisoryx_refsource_SREASON |
| http://secunia.com/advisories/28821 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://aluigi.altervista.org/adv/dumsdei-adv.txt | x_refsource_MISC |
| http://bugs.gentoo.org/show_bug.cgi?id=190835 | x_refsource_CONFIRM |
| http://secunia.com/advisories/26524 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/archive/1/478077/100… | mailing-listx_refsource_BUGTRAQ |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/25483 | vdb-entryx_refsource_BID |
| http://security.gentoo.org/glsa/glsa-200802-02.xml | vendor-advisoryx_refsource_GENTOO |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://aluigi.org/poc/dumsdei.zip | x_refsource_MISC |
Date Public
2007-08-29 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:01:09.971Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3084",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3084"
},
{
"name": "28821",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28821"
},
{
"name": "doomsday-dnetplayerevent-bo(36332)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36332"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.altervista.org/adv/dumsdei-adv.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=190835"
},
{
"name": "26524",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26524"
},
{
"name": "20070829 Multiple vulnerabilities in Doomsday 1.9.0-beta5.1",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/478077/100/0/threaded"
},
{
"name": "doomsday-msgwrite-bo(36333)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36333"
},
{
"name": "25483",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25483"
},
{
"name": "GLSA-200802-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200802-02.xml"
},
{
"name": "doomsday-netsvreadcommands-bo(36334)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36334"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.org/poc/dumsdei.zip"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-08-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in Doomsday (aka deng) 1.9.0-beta5.1 and earlier allow remote attackers to execute arbitrary code via a long chat (PKT_CHAT) message that is not properly handled by the (1) D_NetPlayerEvent function in d_net.c or the (2) Msg_Write function in net_msg.c, or (3) many commands that are not properly handled by the NetSv_ReadCommands function in d_netsv.c; or (4) cause a denial of service (daemon crash) via a chat (PKT_CHAT) message without a final \u0027\\0\u0027 character."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "3084",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3084"
},
{
"name": "28821",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28821"
},
{
"name": "doomsday-dnetplayerevent-bo(36332)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36332"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.altervista.org/adv/dumsdei-adv.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=190835"
},
{
"name": "26524",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26524"
},
{
"name": "20070829 Multiple vulnerabilities in Doomsday 1.9.0-beta5.1",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/478077/100/0/threaded"
},
{
"name": "doomsday-msgwrite-bo(36333)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36333"
},
{
"name": "25483",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25483"
},
{
"name": "GLSA-200802-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200802-02.xml"
},
{
"name": "doomsday-netsvreadcommands-bo(36334)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36334"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.org/poc/dumsdei.zip"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4642",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in Doomsday (aka deng) 1.9.0-beta5.1 and earlier allow remote attackers to execute arbitrary code via a long chat (PKT_CHAT) message that is not properly handled by the (1) D_NetPlayerEvent function in d_net.c or the (2) Msg_Write function in net_msg.c, or (3) many commands that are not properly handled by the NetSv_ReadCommands function in d_netsv.c; or (4) cause a denial of service (daemon crash) via a chat (PKT_CHAT) message without a final \u0027\\0\u0027 character."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "3084",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3084"
},
{
"name": "28821",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28821"
},
{
"name": "doomsday-dnetplayerevent-bo(36332)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36332"
},
{
"name": "http://aluigi.altervista.org/adv/dumsdei-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/dumsdei-adv.txt"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=190835",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=190835"
},
{
"name": "26524",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26524"
},
{
"name": "20070829 Multiple vulnerabilities in Doomsday 1.9.0-beta5.1",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/478077/100/0/threaded"
},
{
"name": "doomsday-msgwrite-bo(36333)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36333"
},
{
"name": "25483",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25483"
},
{
"name": "GLSA-200802-02",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200802-02.xml"
},
{
"name": "doomsday-netsvreadcommands-bo(36334)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36334"
},
{
"name": "http://aluigi.org/poc/dumsdei.zip",
"refsource": "MISC",
"url": "http://aluigi.org/poc/dumsdei.zip"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4642",
"datePublished": "2007-08-31T23:00:00.000Z",
"dateReserved": "2007-08-31T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:01:09.971Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-1618 (GCVE-0-2006-1618)
Vulnerability from nvd – Published: 2006-04-05 10:00 – Updated: 2024-08-07 17:19
VLAI
EPSS
VEX
Summary
Format string vulnerability in the (1) Con_message and (2) conPrintf functions in con_main.c in Doomsday engine 1.8.6 allows remote attackers to execute arbitrary code via format string specifiers in an argument to the JOIN command, and possibly other command arguments.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
10 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/429857/100… | mailing-listx_refsource_BUGTRAQ |
| http://securitytracker.com/id?1015860 | vdb-entryx_refsource_SECTRACK |
| http://www.gentoo.org/security/en/glsa/glsa-20060… | vendor-advisoryx_refsource_GENTOO |
| http://aluigi.altervista.org/adv/doomsdayfs-adv.txt | x_refsource_MISC |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://lists.grok.org.uk/pipermail/full-disclosur… | mailing-listx_refsource_FULLDISC |
| http://secunia.com/advisories/19519 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/17369 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/19515 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2006/1221 | vdb-entryx_refsource_VUPEN |
Date Public
2006-04-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:19:48.666Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060403 Format string in Doomsday 1.8.6",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/429857/100/0/threaded"
},
{
"name": "1015860",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015860"
},
{
"name": "GLSA-200604-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200604-05.xml"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.altervista.org/adv/doomsdayfs-adv.txt"
},
{
"name": "doomsday-conmessage-conprintf-format-string(25622)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25622"
},
{
"name": "20060403 Format string in Doomsday 1.8.6",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-April/044865.html"
},
{
"name": "19519",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19519"
},
{
"name": "17369",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17369"
},
{
"name": "19515",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19515"
},
{
"name": "ADV-2006-1221",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/1221"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-04-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in the (1) Con_message and (2) conPrintf functions in con_main.c in Doomsday engine 1.8.6 allows remote attackers to execute arbitrary code via format string specifiers in an argument to the JOIN command, and possibly other command arguments."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20060403 Format string in Doomsday 1.8.6",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/429857/100/0/threaded"
},
{
"name": "1015860",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015860"
},
{
"name": "GLSA-200604-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200604-05.xml"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.altervista.org/adv/doomsdayfs-adv.txt"
},
{
"name": "doomsday-conmessage-conprintf-format-string(25622)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25622"
},
{
"name": "20060403 Format string in Doomsday 1.8.6",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-April/044865.html"
},
{
"name": "19519",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19519"
},
{
"name": "17369",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17369"
},
{
"name": "19515",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19515"
},
{
"name": "ADV-2006-1221",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/1221"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1618",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in the (1) Con_message and (2) conPrintf functions in con_main.c in Doomsday engine 1.8.6 allows remote attackers to execute arbitrary code via format string specifiers in an argument to the JOIN command, and possibly other command arguments."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060403 Format string in Doomsday 1.8.6",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/429857/100/0/threaded"
},
{
"name": "1015860",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015860"
},
{
"name": "GLSA-200604-05",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200604-05.xml"
},
{
"name": "http://aluigi.altervista.org/adv/doomsdayfs-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/doomsdayfs-adv.txt"
},
{
"name": "doomsday-conmessage-conprintf-format-string(25622)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25622"
},
{
"name": "20060403 Format string in Doomsday 1.8.6",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-April/044865.html"
},
{
"name": "19519",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19519"
},
{
"name": "17369",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17369"
},
{
"name": "19515",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19515"
},
{
"name": "ADV-2006-1221",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1221"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-1618",
"datePublished": "2006-04-05T10:00:00.000Z",
"dateReserved": "2006-04-05T00:00:00.000Z",
"dateUpdated": "2024-08-07T17:19:48.666Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4644 (GCVE-0-2007-4644)
Vulnerability from cvelistv5 – Published: 2007-08-31 23:00 – Updated: 2024-08-07 15:01
VLAI
EPSS
VEX
Summary
Format string vulnerability in the Cl_GetPackets function in cl_main.c in the client in Doomsday (aka deng) 1.9.0-beta5.1 and earlier allows remote Doomsday servers to execute arbitrary code via format string specifiers in a PSV_CONSOLE_TEXT message.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://securityreason.com/securityalert/3084 | third-party-advisoryx_refsource_SREASON |
| http://secunia.com/advisories/28821 | third-party-advisoryx_refsource_SECUNIA |
| http://bugs.gentoo.org/show_bug.cgi?id=190835 | x_refsource_CONFIRM |
| http://secunia.com/advisories/26524 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/archive/1/478077/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/25483 | vdb-entryx_refsource_BID |
| http://security.gentoo.org/glsa/glsa-200802-02.xml | vendor-advisoryx_refsource_GENTOO |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://aluigi.org/poc/dumsdei.zip | x_refsource_MISC |
Date Public
2007-08-29 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:01:09.977Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3084",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3084"
},
{
"name": "28821",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28821"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=190835"
},
{
"name": "26524",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26524"
},
{
"name": "20070829 Multiple vulnerabilities in Doomsday 1.9.0-beta5.1",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/478077/100/0/threaded"
},
{
"name": "25483",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25483"
},
{
"name": "GLSA-200802-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200802-02.xml"
},
{
"name": "doomsday-clgetpackets-format-string(36337)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36337"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.org/poc/dumsdei.zip"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-08-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in the Cl_GetPackets function in cl_main.c in the client in Doomsday (aka deng) 1.9.0-beta5.1 and earlier allows remote Doomsday servers to execute arbitrary code via format string specifiers in a PSV_CONSOLE_TEXT message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "3084",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3084"
},
{
"name": "28821",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28821"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=190835"
},
{
"name": "26524",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26524"
},
{
"name": "20070829 Multiple vulnerabilities in Doomsday 1.9.0-beta5.1",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/478077/100/0/threaded"
},
{
"name": "25483",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25483"
},
{
"name": "GLSA-200802-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200802-02.xml"
},
{
"name": "doomsday-clgetpackets-format-string(36337)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36337"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.org/poc/dumsdei.zip"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4644",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in the Cl_GetPackets function in cl_main.c in the client in Doomsday (aka deng) 1.9.0-beta5.1 and earlier allows remote Doomsday servers to execute arbitrary code via format string specifiers in a PSV_CONSOLE_TEXT message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "3084",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3084"
},
{
"name": "28821",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28821"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=190835",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=190835"
},
{
"name": "26524",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26524"
},
{
"name": "20070829 Multiple vulnerabilities in Doomsday 1.9.0-beta5.1",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/478077/100/0/threaded"
},
{
"name": "25483",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25483"
},
{
"name": "GLSA-200802-02",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200802-02.xml"
},
{
"name": "doomsday-clgetpackets-format-string(36337)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36337"
},
{
"name": "http://aluigi.org/poc/dumsdei.zip",
"refsource": "MISC",
"url": "http://aluigi.org/poc/dumsdei.zip"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4644",
"datePublished": "2007-08-31T23:00:00.000Z",
"dateReserved": "2007-08-31T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:01:09.977Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4643 (GCVE-0-2007-4643)
Vulnerability from cvelistv5 – Published: 2007-08-31 23:00 – Updated: 2024-08-07 15:01
VLAI
EPSS
VEX
Summary
Integer underflow in Doomsday (aka deng) 1.9.0-beta5.1 and earlier allows remote attackers to cause a denial of service (daemon crash) via a PKT_CHAT packet with a data length less than 3, which triggers an erroneous malloc, possibly related to the Sv_HandlePacket function in sv_main.c.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://securityreason.com/securityalert/3084 | third-party-advisoryx_refsource_SREASON |
| http://secunia.com/advisories/28821 | third-party-advisoryx_refsource_SECUNIA |
| http://bugs.gentoo.org/show_bug.cgi?id=190835 | x_refsource_CONFIRM |
| http://secunia.com/advisories/26524 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/archive/1/478077/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/25483 | vdb-entryx_refsource_BID |
| http://security.gentoo.org/glsa/glsa-200802-02.xml | vendor-advisoryx_refsource_GENTOO |
| http://aluigi.org/poc/dumsdei.zip | x_refsource_MISC |
Date Public
2007-08-29 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:01:09.947Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "doomsday-svhandlepacket-underflow(36338)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36338"
},
{
"name": "3084",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3084"
},
{
"name": "28821",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28821"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=190835"
},
{
"name": "26524",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26524"
},
{
"name": "20070829 Multiple vulnerabilities in Doomsday 1.9.0-beta5.1",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/478077/100/0/threaded"
},
{
"name": "25483",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25483"
},
{
"name": "GLSA-200802-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200802-02.xml"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.org/poc/dumsdei.zip"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-08-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Integer underflow in Doomsday (aka deng) 1.9.0-beta5.1 and earlier allows remote attackers to cause a denial of service (daemon crash) via a PKT_CHAT packet with a data length less than 3, which triggers an erroneous malloc, possibly related to the Sv_HandlePacket function in sv_main.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "doomsday-svhandlepacket-underflow(36338)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36338"
},
{
"name": "3084",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3084"
},
{
"name": "28821",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28821"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=190835"
},
{
"name": "26524",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26524"
},
{
"name": "20070829 Multiple vulnerabilities in Doomsday 1.9.0-beta5.1",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/478077/100/0/threaded"
},
{
"name": "25483",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25483"
},
{
"name": "GLSA-200802-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200802-02.xml"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.org/poc/dumsdei.zip"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4643",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer underflow in Doomsday (aka deng) 1.9.0-beta5.1 and earlier allows remote attackers to cause a denial of service (daemon crash) via a PKT_CHAT packet with a data length less than 3, which triggers an erroneous malloc, possibly related to the Sv_HandlePacket function in sv_main.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "doomsday-svhandlepacket-underflow(36338)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36338"
},
{
"name": "3084",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3084"
},
{
"name": "28821",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28821"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=190835",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=190835"
},
{
"name": "26524",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26524"
},
{
"name": "20070829 Multiple vulnerabilities in Doomsday 1.9.0-beta5.1",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/478077/100/0/threaded"
},
{
"name": "25483",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25483"
},
{
"name": "GLSA-200802-02",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200802-02.xml"
},
{
"name": "http://aluigi.org/poc/dumsdei.zip",
"refsource": "MISC",
"url": "http://aluigi.org/poc/dumsdei.zip"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4643",
"datePublished": "2007-08-31T23:00:00.000Z",
"dateReserved": "2007-08-31T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:01:09.947Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4642 (GCVE-0-2007-4642)
Vulnerability from cvelistv5 – Published: 2007-08-31 23:00 – Updated: 2024-08-07 15:01
VLAI
EPSS
VEX
Summary
Multiple buffer overflows in Doomsday (aka deng) 1.9.0-beta5.1 and earlier allow remote attackers to execute arbitrary code via a long chat (PKT_CHAT) message that is not properly handled by the (1) D_NetPlayerEvent function in d_net.c or the (2) Msg_Write function in net_msg.c, or (3) many commands that are not properly handled by the NetSv_ReadCommands function in d_netsv.c; or (4) cause a denial of service (daemon crash) via a chat (PKT_CHAT) message without a final '\0' character.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
12 references
| URL | Tags |
|---|---|
| http://securityreason.com/securityalert/3084 | third-party-advisoryx_refsource_SREASON |
| http://secunia.com/advisories/28821 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://aluigi.altervista.org/adv/dumsdei-adv.txt | x_refsource_MISC |
| http://bugs.gentoo.org/show_bug.cgi?id=190835 | x_refsource_CONFIRM |
| http://secunia.com/advisories/26524 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/archive/1/478077/100… | mailing-listx_refsource_BUGTRAQ |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/25483 | vdb-entryx_refsource_BID |
| http://security.gentoo.org/glsa/glsa-200802-02.xml | vendor-advisoryx_refsource_GENTOO |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://aluigi.org/poc/dumsdei.zip | x_refsource_MISC |
Date Public
2007-08-29 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:01:09.971Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3084",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3084"
},
{
"name": "28821",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28821"
},
{
"name": "doomsday-dnetplayerevent-bo(36332)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36332"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.altervista.org/adv/dumsdei-adv.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=190835"
},
{
"name": "26524",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26524"
},
{
"name": "20070829 Multiple vulnerabilities in Doomsday 1.9.0-beta5.1",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/478077/100/0/threaded"
},
{
"name": "doomsday-msgwrite-bo(36333)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36333"
},
{
"name": "25483",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25483"
},
{
"name": "GLSA-200802-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200802-02.xml"
},
{
"name": "doomsday-netsvreadcommands-bo(36334)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36334"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.org/poc/dumsdei.zip"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-08-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in Doomsday (aka deng) 1.9.0-beta5.1 and earlier allow remote attackers to execute arbitrary code via a long chat (PKT_CHAT) message that is not properly handled by the (1) D_NetPlayerEvent function in d_net.c or the (2) Msg_Write function in net_msg.c, or (3) many commands that are not properly handled by the NetSv_ReadCommands function in d_netsv.c; or (4) cause a denial of service (daemon crash) via a chat (PKT_CHAT) message without a final \u0027\\0\u0027 character."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "3084",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3084"
},
{
"name": "28821",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28821"
},
{
"name": "doomsday-dnetplayerevent-bo(36332)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36332"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.altervista.org/adv/dumsdei-adv.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=190835"
},
{
"name": "26524",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26524"
},
{
"name": "20070829 Multiple vulnerabilities in Doomsday 1.9.0-beta5.1",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/478077/100/0/threaded"
},
{
"name": "doomsday-msgwrite-bo(36333)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36333"
},
{
"name": "25483",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25483"
},
{
"name": "GLSA-200802-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200802-02.xml"
},
{
"name": "doomsday-netsvreadcommands-bo(36334)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36334"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.org/poc/dumsdei.zip"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4642",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in Doomsday (aka deng) 1.9.0-beta5.1 and earlier allow remote attackers to execute arbitrary code via a long chat (PKT_CHAT) message that is not properly handled by the (1) D_NetPlayerEvent function in d_net.c or the (2) Msg_Write function in net_msg.c, or (3) many commands that are not properly handled by the NetSv_ReadCommands function in d_netsv.c; or (4) cause a denial of service (daemon crash) via a chat (PKT_CHAT) message without a final \u0027\\0\u0027 character."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "3084",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3084"
},
{
"name": "28821",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28821"
},
{
"name": "doomsday-dnetplayerevent-bo(36332)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36332"
},
{
"name": "http://aluigi.altervista.org/adv/dumsdei-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/dumsdei-adv.txt"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=190835",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=190835"
},
{
"name": "26524",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26524"
},
{
"name": "20070829 Multiple vulnerabilities in Doomsday 1.9.0-beta5.1",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/478077/100/0/threaded"
},
{
"name": "doomsday-msgwrite-bo(36333)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36333"
},
{
"name": "25483",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25483"
},
{
"name": "GLSA-200802-02",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200802-02.xml"
},
{
"name": "doomsday-netsvreadcommands-bo(36334)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36334"
},
{
"name": "http://aluigi.org/poc/dumsdei.zip",
"refsource": "MISC",
"url": "http://aluigi.org/poc/dumsdei.zip"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4642",
"datePublished": "2007-08-31T23:00:00.000Z",
"dateReserved": "2007-08-31T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:01:09.971Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-1618 (GCVE-0-2006-1618)
Vulnerability from cvelistv5 – Published: 2006-04-05 10:00 – Updated: 2024-08-07 17:19
VLAI
EPSS
VEX
Summary
Format string vulnerability in the (1) Con_message and (2) conPrintf functions in con_main.c in Doomsday engine 1.8.6 allows remote attackers to execute arbitrary code via format string specifiers in an argument to the JOIN command, and possibly other command arguments.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
10 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/429857/100… | mailing-listx_refsource_BUGTRAQ |
| http://securitytracker.com/id?1015860 | vdb-entryx_refsource_SECTRACK |
| http://www.gentoo.org/security/en/glsa/glsa-20060… | vendor-advisoryx_refsource_GENTOO |
| http://aluigi.altervista.org/adv/doomsdayfs-adv.txt | x_refsource_MISC |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://lists.grok.org.uk/pipermail/full-disclosur… | mailing-listx_refsource_FULLDISC |
| http://secunia.com/advisories/19519 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/17369 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/19515 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2006/1221 | vdb-entryx_refsource_VUPEN |
Date Public
2006-04-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:19:48.666Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060403 Format string in Doomsday 1.8.6",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/429857/100/0/threaded"
},
{
"name": "1015860",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015860"
},
{
"name": "GLSA-200604-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200604-05.xml"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.altervista.org/adv/doomsdayfs-adv.txt"
},
{
"name": "doomsday-conmessage-conprintf-format-string(25622)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25622"
},
{
"name": "20060403 Format string in Doomsday 1.8.6",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-April/044865.html"
},
{
"name": "19519",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19519"
},
{
"name": "17369",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17369"
},
{
"name": "19515",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19515"
},
{
"name": "ADV-2006-1221",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/1221"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-04-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in the (1) Con_message and (2) conPrintf functions in con_main.c in Doomsday engine 1.8.6 allows remote attackers to execute arbitrary code via format string specifiers in an argument to the JOIN command, and possibly other command arguments."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20060403 Format string in Doomsday 1.8.6",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/429857/100/0/threaded"
},
{
"name": "1015860",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015860"
},
{
"name": "GLSA-200604-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200604-05.xml"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.altervista.org/adv/doomsdayfs-adv.txt"
},
{
"name": "doomsday-conmessage-conprintf-format-string(25622)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25622"
},
{
"name": "20060403 Format string in Doomsday 1.8.6",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-April/044865.html"
},
{
"name": "19519",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19519"
},
{
"name": "17369",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17369"
},
{
"name": "19515",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19515"
},
{
"name": "ADV-2006-1221",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/1221"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1618",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in the (1) Con_message and (2) conPrintf functions in con_main.c in Doomsday engine 1.8.6 allows remote attackers to execute arbitrary code via format string specifiers in an argument to the JOIN command, and possibly other command arguments."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060403 Format string in Doomsday 1.8.6",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/429857/100/0/threaded"
},
{
"name": "1015860",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015860"
},
{
"name": "GLSA-200604-05",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200604-05.xml"
},
{
"name": "http://aluigi.altervista.org/adv/doomsdayfs-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/doomsdayfs-adv.txt"
},
{
"name": "doomsday-conmessage-conprintf-format-string(25622)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25622"
},
{
"name": "20060403 Format string in Doomsday 1.8.6",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-April/044865.html"
},
{
"name": "19519",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19519"
},
{
"name": "17369",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17369"
},
{
"name": "19515",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19515"
},
{
"name": "ADV-2006-1221",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1221"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-1618",
"datePublished": "2006-04-05T10:00:00.000Z",
"dateReserved": "2006-04-05T00:00:00.000Z",
"dateUpdated": "2024-08-07T17:19:48.666Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}