Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Buffer overflow in the Sequencer::queueMessage function in sequencer.cpp in the server in Rigs of Rods (RoR) before 0.33d SP1 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code by sending a nickname, then a vehicle name in a MSG2_USE_VEHICLE message, in which the combined length triggers the overflow.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Rigs of Rods 'Sequencer::queueMessage'远程缓冲区溢出漏洞
Vulnerability Description
Rigs of Rods(也被称为RoR)是一款卡车、汽车、飞机等驾驶游戏模拟器。 RoR在处理超长车辆名字字段时存在缓冲区溢出漏洞,远程攻击者可能利用此漏洞导致拒绝服务。 当玩家加入到服务器时,如果在发送的MSG2_USE_VEHICLE消息中包含有超长车辆名称的话,就可能在全局dbuffer缓冲区中触发溢出。 在queueMessage中的,当接收到MSG2_USE_VEHICLE消息时,首先在车辆名称中拷贝dbuffer,然后将昵称连接到dbuffer,这就允许攻击者用最多255个字节覆盖这个缓冲区
CVSS Information
N/A
Vulnerability Type
N/A