CVE-2006-1103

Sauerbraten 2006_02_28 - Denial of Service via Incomplete Client Join Timeout

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-1103. PoCs published by Luigi Auriemma.

AI-analyzed exploit summary This exploit targets multiple vulnerabilities in Sauerbraten <= 2006_02_28, including buffer overflows and invalid memory access. It uses the ENet library to craft malicious packets for attacks such as sgetstr() buffer overflow and directory traversal.

Description

engine/server.cpp in Sauerbraten 2006_02_28, as derived from the Cube engine, allows remote attackers to cause a denial of service (segmentation fault) via a client that does not completely join the game and times out, which results in a null pointer dereference.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Luigi Auriemma · cdoswindows

https://www.exploit-db.com/exploits/1559

View Code ZIP pw:eip

This exploit targets multiple vulnerabilities in Sauerbraten <= 2006_02_28, including buffer overflows and invalid memory access. It uses the ENet library to craft malicious packets for attacks such as sgetstr() buffer overflow and directory traversal.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Moderate

Reliability

Reliable

Target: Sauerbraten <= 2006_02_28

No auth needed

Prerequisites: Network access to the target server · ENet library for compilation

MITRE ATT&CK