CVE-2006-2236

Quake 3 Engine - Buffer Overflow via Long remapShader Command

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-2236. PoCs published by landser.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in the Quake 3 engine (CVE-2006-2236) by hooking server functions to send malformed 'remapShader' commands to clients, resulting in remote code execution. The shellcode binds a shell on a specified port and exits cleanly with an error message.

Description

Buffer overflow in the Quake 3 Engine, as used by (1) ET 2.60, (2) Return to Castle Wolfenstein 1.41, and (3) Quake III Arena 1.32b allows remote attackers to execute arbitrary commands via a long remapShader command.

Exploits (1)

exploitdb WORKING POC VERIFIED

by landser · cremotelinux

https://www.exploit-db.com/exploits/1750

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in the Quake 3 engine (CVE-2006-2236) by hooking server functions to send malformed 'remapShader' commands to clients, resulting in remote code execution. The shellcode binds a shell on a specified port and exits cleanly with an error message.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Quake 3 Engine 1.32b (ET 2.60, RtCW 1.41, Q3 1.32b)

No auth needed

Prerequisites: Server with LD_PRELOAD capability · Vulnerable client connecting to the server

MITRE ATT&CK