vendor:
Gameport
by:
SecurityFocus
8.5
CVSS
HIGH
Bypass connection time limit restrictions, Access to server's administrative password, Execute arbitrary applications on a client
284, 287, 264
CWE
Product Name: Gameport
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: Yes
Related CWE: N/A
CPE: N/A
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2005
Gameport Multiple Vulnerabilities
Gameport is reported prone to multiple vulnerabilities in the client and server. These issues may allow an attacker to gain unauthorized access to a vulnerable server and execute arbitrary code on a vulnerable client. An attacker can bypass the connection time limit restrictions imposed by a server. A local attacker can gain access to a server's administrative password. A server can execute arbitrary applications on a client. The following specific issues were reported: An attacker can bypass the connection time limit restrictions imposed by a server. A local attacker can gain access to a server's administrative password. A server can execute arbitrary applications on a client.
Mitigation:
Ensure that the server is configured to use strong authentication and access control mechanisms. Ensure that the server is configured to use secure protocols and encryption. Ensure that the server is configured to use secure protocols and encryption. Ensure that the server is configured to use secure protocols and encryption. Ensure that the server is configured to use secure protocols and encryption. Ensure that the server is configured to use secure protocols and encryption. Ensure that the server is configured to use secure protocols and encryption. Ensure that the server is configured to use secure protocols and encryption.
