CVE-2007-1371

2007-03-1000:00:00

ubuntu.com

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.012 Low

EPSS

Percentile

85.1%

JSON

Multiple buffer overflows in Conquest 8.2a and earlier (1) allow local
users to gain privileges by querying a metaserver that sends a long server
entry processed by metaGetServerList and allow remote metaservers to
execute arbitrary code via a long server entry processed by
metaGetServerList; (2) allow attackers to have an unknown impact by
exceeding the configured number of metaservers; and allow remote attackers
to corrupt memory via a SP_CLIENTSTAT packet with certain values of (3)
unum or (4) snum, different vulnerabilities than CVE-2003-0933.

OSVersionArchitecturePackageVersionFilename
ubuntu7.10noarchconquest< 8.2b-1UNKNOWN
ubuntu8.04noarchconquest< 8.2b-1UNKNOWN
ubuntu8.10noarchconquest< 8.2b-1UNKNOWN
ubuntu9.04noarchconquest< 8.2b-1UNKNOWN
ubuntu9.10noarchconquest< 8.2b-1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	7.10	noarch	conquest	< 8.2b-1	UNKNOWN
ubuntu	8.04	noarch	conquest	< 8.2b-1	UNKNOWN
ubuntu	8.10	noarch	conquest	< 8.2b-1	UNKNOWN
ubuntu	9.04	noarch	conquest	< 8.2b-1	UNKNOWN
ubuntu	9.10	noarch	conquest	< 8.2b-1	UNKNOWN