PT-2001-1580 · Sierra · Sierra Half-Life

Published

2001-05-24

Updated

2017-12-19

CVE-2001-0358

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Sierra Half-Life versions 1573 and earlier

Description The issue allows remote attackers to execute arbitrary code via specific commands or configuration file input. This can be achieved through a long map command, a long exec command, or long input in a configuration file.

Recommendations For versions 1573 and earlier, update to a version later than 1573 to resolve the issue. As a temporary workaround, consider restricting access to the map and exec commands, as well as limiting input in configuration files to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2001-0358

Affected Products

Sierra Half-Life

PT-2001-1580 · Sierra · Sierra Half-Life

CVE-2001-0358

Related Identifiers

Affected Products

References · 4