2 results (0.019 seconds)

CVSS: 5.0EPSS: 5%CPEs: 1EXPL: 1

Alien Arena 2007 6.10 and earlier allows remote attackers to cause a denial of service (client disconnect) by sending a client_connect command in a forged packet from the server to a client. NOTE: client IP addresses are available via product-specific queries. Alien Arena 2007 6.10 y versiones anteriores permite a atacantes remotos provocar una denegación de servicio (desconexión de cliente) al enviar un comando client_connect en un paquete falsificado del servidor al cliente. NOTA: las direcciones IP cliente están disponibles mediante consultas específicas por producto. • http://aluigi.altervista.org/adv/aa2k7x-adv.txt http://archives.neohapsis.com/archives/fulldisclosure/2007-09/0049.html http://osvdb.org/40508 http://secunia.com/advisories/26819 http://securityreason.com/securityalert/3105 http://www.quakesrc.org/forums/viewtopic.php?t=6843&start=1 http://www.securityfocus.com/archive/1/478628/100/0/threaded http://www.securityfocus.com/bid/25559 http://www.vupen.com/english/advisories/2007/3169 https://exchange.xforce.ibmcloud.com/vulnerabilities • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 15%CPEs: 1EXPL: 2

Format string vulnerability in the safe_bprintf function in acesrc/acebot_cmds.c in Alien Arena 2007 6.10 and earlier allows remote attackers to cause a denial of service (daemon crash) via format string specifiers in a nickname. Vulnerabilidad de formato de cadena en la función safe_bprintf en acesrc/acebot_cmds.c de Alien Arena 2007 6.10 y versiones anteriores permite a atacantes remotos provocar una denegación de servicio (caída de demonio) mediante especificadores de cadena en un nombre de pila (nickname). • https://www.exploit-db.com/exploits/30566 http://aluigi.altervista.org/adv/aa2k7x-adv.txt http://archives.neohapsis.com/archives/fulldisclosure/2007-09/0049.html http://osvdb.org/40507 http://secunia.com/advisories/26819 http://securityreason.com/securityalert/3105 http://www.quakesrc.org/forums/viewtopic.php?t=6843&start=1 http://www.securityfocus.com/archive/1/478628/100/0/threaded http://www.securityfocus.com/bid/25559 http://www.vupen.com/english/advisories/2007/3169 h • CWE-134: Use of Externally-Controlled Format String •