CVE-2006-1147

Alien Arena 2006 Gold Edition 5.00 - DoS

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-1147. PoCs published by Luigi Auriemma.

AI-analyzed exploit summary This exploit targets multiple vulnerabilities in Alien Arena 2006 GE <= 5.00, including a format string vulnerability, buffer overflow, and crash via Com_sprintf. It demonstrates three distinct attack vectors by crafting malicious network packets to exploit server-side flaws.

Description

The Com_sprintf function in q_shared.c in Alien Arena 2006 Gold Edition 5.00 does not properly NULL terminate certain long strings, which allows remote attackers (possibly authenticated) to cause a denial of service (application crash) via a long skin, weapon, or model name.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Luigi Auriemma · cdoswindows

https://www.exploit-db.com/exploits/1564

View Code ZIP pw:eip

This exploit targets multiple vulnerabilities in Alien Arena 2006 GE <= 5.00, including a format string vulnerability, buffer overflow, and crash via Com_sprintf. It demonstrates three distinct attack vectors by crafting malicious network packets to exploit server-side flaws.

Classification

Working Poc 95%

Attack Type

Rce | Dos

Complexity

Moderate

Reliability

Reliable

Target: Alien Arena 2006 GE <= 5.00

No auth needed

Prerequisites: Network access to the target server · Target server running vulnerable Alien Arena version

MITRE ATT&CK