CVE-2005-3064

MultiTheftAuto <0.5 - Command Injection

Title source: llm

Description

MultiTheftAuto 0.5 patch 1 and earlier does not properly verify client privileges when running command 40, which allows remote attackers to change or delete the message of the day (motd.txt).

Exploits (1)

exploitdb WORKING POC VERIFIED

by Luigi Auriemma · cdoswindows

https://www.exploit-db.com/exploits/1235

View Code ZIP pw:eip

References (3)

[Exploit, Vendor Advisory] http://aluigi.altervista.org/adv/mtaboom-adv.txt

[Vendor Advisory] http://secunia.com/advisories/16926/

[Exploit, Vendor Advisory] http://lists.grok.org.uk/pipermail/full-disclosure/2005-September/037384.html

Scores

EPSS 0.0546

EPSS Percentile 90.2%

Details

Status published

Products (1)

multitheftauto/multitheftauto < 0.5_patch_1

Published Sep 27, 2005

Tracked Since Feb 18, 2026