CVE-2006-1100
published 2006-03-09CVE-2006-1100: Buffer overflow in the sgetstr function in shared/cube.h in Sauerbraten 2006_02_28 and earlier, as derived from the Cube engine, allows remote attackers to…
PriorityP343high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
8.11%
94.1th percentile
Buffer overflow in the sgetstr function in shared/cube.h in Sauerbraten 2006_02_28 and earlier, as derived from the Cube engine, allows remote attackers to execute arbitrary code via long streams of input data.
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sauerbraten | cube | — | — |
| sauerbraten | sauerbraten | — | — |
| sauerbraten | sauerbraten | — | — |
| sauerbraten | sauerbraten | — | — |
| sauerbraten | sauerbraten | — | — |
| sauerbraten | sauerbraten | — | — |
| sauerbraten | sauerbraten | — | — |
| sauerbraten | sauerbraten | — | — |
| sauerbraten | sauerbraten | — | — |
| sauerbraten | sauerbraten | — | — |
| sauerbraten | sauerbraten | — | — |
| sauerbraten | sauerbraten | — | — |
| sauerbraten | sauerbraten | — | — |
| sauerbraten | sauerbraten | — | — |
| sauerbraten | sauerbraten | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Netgear WG111v2 Wireless Driver - Long Beacon Overflow (Metasploit)
exploitdb·2010-07-03
CVE-2006-5972 Netgear WG111v2 Wireless Driver - Long Beacon Overflow (Metasploit)
Netgear WG111v2 Wireless Driver - Long Beacon Overflow (Metasploit)
---
##
# $Id: netgear_wg111_beacon.rb 9669 2010-07-03 03:13:45Z jduck $
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##
require 'msf/core'
class Metasploit3 'NetGear WG111v2 Wireless Driver Long Beacon Overflow',
'Description' => %q{
This module exploits a stack buffer overflow in the NetGear WG111v2 wireless
device driver. This stack buffer overflow allows remote code execution in kernel mode.
The stack buffer overflow is triggered when a 802.11 Beacon frame is received that
contains more than 1100 bytes worth
Exploit-DB
Sauerbraten 2006_02_28 - Multiple Buffer Overflow / Crash
exploitdb·2006-03-06
CVE-2006-1103 Sauerbraten 2006_02_28 - Multiple Buffer Overflow / Crash
Sauerbraten 2006_02_28 - Multiple Buffer Overflow / Crash
---
/*
by Luigi Auriemma
You NEED Enet for compiling this tool (then remember -lenet)
http://enet.bespin.org / http://enet.cubik.org
*/
#include
#include
#include
#include
#include
#ifdef WIN32
#include
/*
Header file used for manage errors in Windows
It support socket and errno too
(this header replace the previous sock_errX.h)
*/
#include
#include
void std_err(void) {
char *error;
switch(WSAGetLastError()) {
case 10004: error = "Interrupted system call"; break;
case 10009: error = "Bad file number"; break;
case 10013: error = "Permission denied"; break;
case 10014: error = "Bad address"; break;
case 10022: error = "Invalid argument (not bind)"; break;
case 10024: error = "Too many open files"; break;
case 10035: error =
No writeups or analysis indexed.
http://aluigi.altervista.org/adv/evilcube-adv.txthttp://cvs.sourceforge.net/viewcvs.py/sauerbraten/sauerbraten/src/shared/cube.h?r1=1.7&r2=1.8http://secunia.com/advisories/19110http://secunia.com/advisories/19111http://secunia.com/advisories/19199http://www.gentoo.org/security/en/glsa/glsa-200603-10.xmlhttp://www.securityfocus.com/archive/1/426865/100/0/threadedhttp://www.securityfocus.com/archive/1/426867/100/0/threadedhttp://www.securityfocus.com/bid/16986http://www.vupen.com/english/advisories/2006/0847http://www.vupen.com/english/advisories/2006/0848https://exchange.xforce.ibmcloud.com/vulnerabilities/25083http://aluigi.altervista.org/adv/evilcube-adv.txthttp://cvs.sourceforge.net/viewcvs.py/sauerbraten/sauerbraten/src/shared/cube.h?r1=1.7&r2=1.8http://secunia.com/advisories/19110http://secunia.com/advisories/19111http://secunia.com/advisories/19199http://www.gentoo.org/security/en/glsa/glsa-200603-10.xmlhttp://www.securityfocus.com/archive/1/426865/100/0/threadedhttp://www.securityfocus.com/archive/1/426867/100/0/threadedhttp://www.securityfocus.com/bid/16986http://www.vupen.com/english/advisories/2006/0847http://www.vupen.com/english/advisories/2006/0848https://exchange.xforce.ibmcloud.com/vulnerabilities/25083
2006-03-09
Published