CVE-2007-1371

Name of the Vulnerable Software and Affected Versions Conquest versions 8.2a and earlier

Description The issue involves multiple buffer overflows that can be exploited in different ways. Locally, users can gain privileges by querying a metaserver that sends a long server entry, which is processed by the metaGetServerList function. Remote metaservers can also execute arbitrary code via a long server entry processed by the same function. Additionally, exceeding the configured number of metaservers can have an unknown impact. Remote attackers can corrupt memory by sending a SP CLIENTSTAT packet with certain values of unum or snum.

Recommendations For Conquest versions 8.2a and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.