CVE-2007-4447

Name of the Vulnerable Software and Affected Versions Toribash versions 2.71 and earlier

Description The issue concerns multiple buffer overflows in the client. These overflows can be triggered by remote attackers via a long game command in a replay (.rpl) file, allowing them to execute arbitrary code, or by a long SAY command that omits a required LF character, leading to a denial of service (application crash). Additionally, remote Toribash servers can execute arbitrary code via a long game command or a long SAY command that omits a required LF character.

Recommendations For Toribash versions 2.71 and earlier, update to a version later than 2.71 to resolve the issue. At the moment, there is no information about other specific fixes for this issue.