MidnightBSD

Advisories for armin_burgmeier

CVE-2011-4091 MEDIUM

The libobby server in inc/server.hpp in libnet6 (aka net6) before 1.3.14 does not perform authentication before checking the user name, which allows remote attackers to obtain sensitive information such as server-usage patterns by a particular user and color preferences.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287,

Products Affected

Vendor Product Version
opensuse opensuse 11.4
armin_burgmeier net6 1.3.5
oracle solaris 11.2
armin_burgmeier net6 1.3.2
armin_burgmeier net6 1.3.6
armin_burgmeier net6 *
armin_burgmeier net6 1.3.11
armin_burgmeier net6 1.3.12
armin_burgmeier net6 1.3.8
opensuse opensuse 11.3
armin_burgmeier net6 1.3.3
armin_burgmeier net6 1.3.7
armin_burgmeier net6 1.3.9
armin_burgmeier net6 1.3.1
armin_burgmeier net6 1.3.4
armin_burgmeier net6 1.3.10
CVE-2011-4093 MEDIUM

Integer overflow in inc/server.hpp in libnet6 (aka net6) before 1.3.14 might allow remote attackers to hijack connections and gain privileges as other users by making a large number of connections until the overflow occurs and an ID of another user is provided.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-190,

Products Affected

Vendor Product Version
armin_burgmeier net6 1.3.5
oracle solaris 11.2
armin_burgmeier net6 1.3.2
opensuse_project opensuse 11.4
armin_burgmeier net6 1.3.6
armin_burgmeier net6 *
armin_burgmeier net6 1.3.11
armin_burgmeier net6 1.3.12
armin_burgmeier net6 1.3.8
opensuse opensuse 11.3
armin_burgmeier net6 1.3.3
armin_burgmeier net6 1.3.7
armin_burgmeier net6 1.3.9
armin_burgmeier net6 1.3.1
armin_burgmeier net6 1.3.4
armin_burgmeier net6 1.3.10