Back to search
CVE-2008-3286
Published: Jul 24, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
SWAT 4 1.1 and earlier allows remote attackers to cause a denial of service (daemon crash) via a (1) VERIFYCONTENT or (2) GAMECONFIG command sent to the server before user session initialization, which triggers a NULL pointer dereference; or (3) a GAMESPYRESPONSE command followed by a long RS string.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://aluigi.org/fakep/unrealfp.zip
x_refsource_MISC
30299
vdb-entry
x_refsource_BID
swat4-gamespyresponse-dos(43902)
vdb-entry
x_refsource_XF
31158
third-party-advisory
x_refsource_SECUNIA
swat4-verifycontent-gameconfig-dos(43901)
vdb-entry
x_refsource_XF
http://aluigi.altervista.org/adv/swat4x-adv.txt
x_refsource_MISC
ADV-2008-2149
vdb-entry
x_refsource_VUPEN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now