MidnightBSD

Advisories for empire_server

CVE-2006-1840 MEDIUM

Multiple format string vulnerabilities in Empire Server before 4.3.1 allow attackers to cause a denial of service (crash) via the (1) load, (2) spy and (3) bomb functions.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-134,

Products Affected

Vendor Product Version
empire_server empire_server 4.2.12
empire_server empire_server 4.2.23
empire_server empire_server 4.2.10
empire_server empire_server 4.2.17
empire_server empire_server 4.2.20
empire_server empire_server *
empire_server empire_server 4.2.15
empire_server empire_server 4.2.11
empire_server empire_server 4.2.13
empire_server empire_server 4.2.14
empire_server empire_server 4.2.16
empire_server empire_server 4.2.22
empire_server empire_server 4.2.21
empire_server empire_server 4.2.18
empire_server empire_server 4.2.19
CVE-2006-2393 MEDIUM

The client_cmd function in Empire 4.3.2 and earlier allows remote attackers to cause a denial of service (application crash) by causing long text strings to be appended to the player->client buffer, which causes an invalid memory access.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
empire_server empire_server 4.3.2
empire_server empire_server 4.3.0