MidnightBSD

Advisories for raydium

CVE-2006-2408 HIGH

Multiple buffer overflows in Raydium before SVN revision 310 allow remote attackers to execute arbitrary code via a large packet when logged via (1) the raydium_log function in log.c or (2) the raydium_console_line_add function in console.c, possibly from a long player name.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
raydium raydium svn_revision_286
raydium raydium svn_revision_300
raydium raydium svn_revision_292
raydium raydium svn_revision_285
raydium raydium svn_revision_305
raydium raydium svn_revision_298
raydium raydium svn_revision_303
raydium raydium svn_revision_294
raydium raydium svn_revision_290
raydium raydium svn_revision_299
raydium raydium svn_revision_293
raydium raydium svn_revision_296
raydium raydium svn_revision_288
raydium raydium svn_revision_302
raydium raydium svn_revision_304
raydium raydium svn_revision_287
raydium raydium svn_revision_309
raydium raydium svn_revision_289
raydium raydium svn_revision_306
raydium raydium svn_revision_307
raydium raydium svn_revision_297
raydium raydium svn_revision_291
raydium raydium svn_revision_283
raydium raydium svn_revision_301
raydium raydium svn_revision_295
raydium raydium svn_revision_308
raydium raydium svn_revision_284
CVE-2006-2409 MEDIUM

Format string vulnerability in the raydium_log function in console.c in Raydium before SVN revision 310 allows local users to execute arbitrary code via format string specifiers in the format parameter, which are not properly handled in a call to raydium_console_line_add.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-134,

Products Affected

Vendor Product Version
raydium raydium svn_revision_286
raydium raydium svn_revision_300
raydium raydium svn_revision_292
raydium raydium svn_revision_285
raydium raydium svn_revision_305
raydium raydium svn_revision_298
raydium raydium svn_revision_303
raydium raydium svn_revision_294
raydium raydium svn_revision_290
raydium raydium svn_revision_299
raydium raydium svn_revision_293
raydium raydium svn_revision_296
raydium raydium svn_revision_288
raydium raydium svn_revision_302
raydium raydium svn_revision_304
raydium raydium svn_revision_287
raydium raydium svn_revision_309
raydium raydium svn_revision_289
raydium raydium svn_revision_306
raydium raydium svn_revision_307
raydium raydium svn_revision_297
raydium raydium svn_revision_291
raydium raydium svn_revision_283
raydium raydium svn_revision_301
raydium raydium svn_revision_295
raydium raydium svn_revision_308
raydium raydium svn_revision_284
CVE-2006-2410 MEDIUM

raydium_network_netcall_exec function in network.c in Raydium SVN revision 312 and earlier allows remote attackers to cause a denial of service (application crash) via a packet of type 0xFF, which causes a null dereference.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
raydium raydium svn_revision_286
raydium raydium svn_revision_300
raydium raydium svn_revision_292
raydium raydium svn_revision_285
raydium raydium svn_revision_312
raydium raydium svn_revision_305
raydium raydium svn_revision_298
raydium raydium svn_revision_303
raydium raydium svn_revision_294
raydium raydium svn_revision_290
raydium raydium svn_revision_299
raydium raydium svn_revision_310
raydium raydium svn_revision_311
raydium raydium svn_revision_293
raydium raydium svn_revision_296
raydium raydium svn_revision_288
raydium raydium svn_revision_302
raydium raydium svn_revision_304
raydium raydium svn_revision_287
raydium raydium svn_revision_309
raydium raydium svn_revision_289
raydium raydium svn_revision_306
raydium raydium svn_revision_307
raydium raydium svn_revision_297
raydium raydium svn_revision_291
raydium raydium svn_revision_283
raydium raydium svn_revision_301
raydium raydium svn_revision_295
raydium raydium svn_revision_308
raydium raydium svn_revision_284
CVE-2006-2411 HIGH

Buffer overflow in raydium_network_read function in network.c in Raydium SVN revision 312 and earlier allows remote attackers to execute arbitrary code by sending packets with long global variables to the client.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
raydium raydium svn_revision_286
raydium raydium svn_revision_300
raydium raydium svn_revision_292
raydium raydium svn_revision_285
raydium raydium svn_revision_312
raydium raydium svn_revision_305
raydium raydium svn_revision_298
raydium raydium svn_revision_303
raydium raydium svn_revision_294
raydium raydium svn_revision_290
raydium raydium svn_revision_299
raydium raydium svn_revision_310
raydium raydium svn_revision_311
raydium raydium svn_revision_293
raydium raydium svn_revision_296
raydium raydium svn_revision_288
raydium raydium svn_revision_302
raydium raydium svn_revision_304
raydium raydium svn_revision_287
raydium raydium svn_revision_309
raydium raydium svn_revision_289
raydium raydium svn_revision_306
raydium raydium svn_revision_307
raydium raydium svn_revision_297
raydium raydium svn_revision_291
raydium raydium svn_revision_283
raydium raydium svn_revision_301
raydium raydium svn_revision_295
raydium raydium svn_revision_308
raydium raydium svn_revision_284
CVE-2006-2412 MEDIUM

The raydium_network_read function in network.c in Raydium SVN revision 312 and earlier allows remote attackers to cause a denial of service (application crash) via a large ID, which causes an invalid memory access (buffer over-read).

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
raydium raydium svn_revision_286
raydium raydium svn_revision_300
raydium raydium svn_revision_292
raydium raydium svn_revision_285
raydium raydium svn_revision_312
raydium raydium svn_revision_305
raydium raydium svn_revision_298
raydium raydium svn_revision_303
raydium raydium svn_revision_294
raydium raydium svn_revision_290
raydium raydium svn_revision_299
raydium raydium svn_revision_310
raydium raydium svn_revision_311
raydium raydium svn_revision_293
raydium raydium svn_revision_296
raydium raydium svn_revision_288
raydium raydium svn_revision_302
raydium raydium svn_revision_304
raydium raydium svn_revision_287
raydium raydium svn_revision_309
raydium raydium svn_revision_289
raydium raydium svn_revision_306
raydium raydium svn_revision_307
raydium raydium svn_revision_297
raydium raydium svn_revision_291
raydium raydium svn_revision_283
raydium raydium svn_revision_301
raydium raydium svn_revision_295
raydium raydium svn_revision_308
raydium raydium svn_revision_284