Vendor: Netrek
By: Luigi Auriemma
CVSS: 7.5 (HIGH)
Type: Format string
CWE: 134
Product Name: Netrek
Affected Version From: <= 2.12.0
Affected Version To: 2.12.2000
Patch Exists: YES
Related CWE:
CPE: a:netrek_project:netrek
Platforms Tested: *nix and Windows
2007
Netrek format string vulnerability
The Vanilla server in Netrek versions <= 2.12.0 is affected by a format string vulnerability. The server calls the pmessage2() function without the required format argument, so text taken from a player's nickname is interpreted as the format string. The bug can be exploited by locking a player who is using a malformed nickname. The EVENTLOG switch must be enabled for the vulnerability to be exploitable. The exploit code can be found at http://aluigi.org/poc/netrekfs.zip
Mitigation:
Upgrade to version 2.12.1
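
The bug class described above, as an added example that is not Netrek's code: `log_event()` is a hypothetical printf-style logger standing in for a helper like pmessage2() (whose real signature is not shown on this page), and the message text and nickname are constructed. It shows the hardened call form (constant format, untrusted text as data) and a simple check for format directives in untrusted input.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

static char last_msg[128];   /* captures the most recent event-log line */

/* Hypothetical printf-style logger standing in for a helper like pmessage2().
   The format attribute lets -Wformat-security flag non-literal formats. */
static int log_event(const char *fmt, ...) __attribute__((format(printf, 1, 2)));

static int log_event(const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int n = vsnprintf(last_msg, sizeof last_msg, fmt, ap);
    va_end(ap);
    return n;
}

/* Vulnerable pattern, shown only as a comment: log_event(nickname);
   the nickname itself becomes the format string.
   Hardened form: constant format, untrusted text passed as data. */
static const char *log_lock(const char *nickname)
{
    log_event("lock on %s", nickname);
    return last_msg;
}

/* Defence in depth: count conversion directives in untrusted text.
   "%%" is a literal percent sign and is not counted. */
static int count_directives(const char *s)
{
    int n = 0;
    for (; *s; s++) {
        if (*s != '%') continue;
        if (s[1] == '%') { s++; continue; }
        n++;
    }
    return n;
}

int main(void)
{
    const char *nick = "Guest%x%n";   /* constructed sample nickname */
    printf("%s (directives: %d)\n", log_lock(nick), count_directives(nick));
    return 0;
}
```

Building with GCC or Clang and `-Wformat -Wformat-security` makes the compiler warn on any call that passes a non-literal string as the format with no further arguments.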