Description
Stack-based buffer overflow in Rebellion Asura engine, as used for the server in Rogue Trooper 1.0 and earlier and Prism 1.1.1.0 and earlier, allows remote attackers to execute arbitrary code via a long string in a 0xf007 packet for the challenge B query.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Luigi Auriemma · textdosmultiple
https://www.exploit-db.com/exploits/30519
References (10)
Core 10
Core References
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/2956
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/477357/100/0/threaded
Third Party Advisory x_refsource_misc
http://aluigi.altervista.org/adv/asurabof-adv.txt
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/39799
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/2955
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/25411
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/26571
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/24023
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/3053
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/36221
Scores
EPSS
0.2170
EPSS Percentile
95.8%
Details
Status
published
Products (2)
rebellion/rogue_trooper
< 1.0
rival_interactive/prism
< 1.1.1.0
Published
Aug 23, 2007
Tracked Since
Feb 18, 2026