Stack-based buffer overflow in the ServerNetworking::incoming_client_data function in servnet.cpp in Outgun 1.0.3 bot 2 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a data_file_request command with a long (1) type or (2) name string.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| outgun | outgun | * |
| outgun | outgun | 1.0 |
| outgun | outgun | 1.0.3 |
The leetnet functions (leetnet/rudp.cpp) in Outgun 1.0.3 bot 2 and earlier allow remote attackers to cause a denial of service (game interruption) via large packets, which cause an exception to be thrown.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| outgun | outgun | * |
| outgun | outgun | 1.0 |
| outgun | outgun | 1.0.3 |
The leetnet functions (leetnet/rudp.cpp) in Outgun 1.0.3 bot 2 and earlier allow remote attackers to cause a denial of service (application crash) via packets with incorrect message sizes, which triggers a buffer over-read.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| outgun | outgun | * |
| outgun | outgun | 1.0 |
| outgun | outgun | 1.0.3 |
Buffer overflow in the changeRegistration function in servernet.cpp for Outgun 1.0.3 bot 2 and earlier allows remote attackers to change the registration information of other players via a long string.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| outgun | outgun | * |
| outgun | outgun | 1.0 |
| outgun | outgun | 1.0.3 |