CVE-2007-5713 - Vulnerability Details - OpenCVE

Off-by-one error in the GeoIP module in the AMX Mod X 1.76d plugin for Half-Life Server might allow attackers to execute arbitrary code or cause a denial of service via unspecified input related to geolocation, which triggers an error message from the (1) geoip_code2 or (2) geoip_code3 function, leading to a buffer overflow.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Amxmodx	Amx Mod X
Valve Software	Half-life Dedicated Server

Configuration 1 [-]

OR	cpe:2.3:a:amxmodx:amx_mod_x:1.76d:::::::*
	cpe:2.3:a:valve_software:half-life_dedicated_server::::::::

No data.

References

Link	Providers
http://bugs.alliedmods.net/?do=details&task_id=519
http://osvdb.org/41980
http://secunia.com/advisories/27411
http://wiki.alliedmods.net/AMX_Mod_X_1.8.0_Changes
http://www.securityfocus.com/bid/26218

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-10-30T19:00:00

Updated: 2024-08-07T15:39:13.714Z

Reserved: 2007-10-30T00:00:00

Link: CVE-2007-5713

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2007-10-30T19:46:00.000

Modified: 2025-04-09T00:30:58.490

Link: CVE-2007-5713

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-10-26T00:00:00", "descriptions": [{"lang": "en", "value": "Off-by-one error in the GeoIP module in the AMX Mod X 1.76d plugin for Half-Life Server might allow attackers to execute arbitrary code or cause a denial of service via unspecified input related to geolocation, which triggers an error message from the (1) geoip_code2 or (2) geoip_code3 function, leading to a buffer overflow."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2012-10-30T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "41980", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/41980"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://bugs.alliedmods.net/?do=details&task_id=519"}, {"name": "26218", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/26218"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://wiki.alliedmods.net/AMX_Mod_X_1.8.0_Changes"}, {"name": "27411", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/27411"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-5713", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Off-by-one error in the GeoIP module in the AMX Mod X 1.76d plugin for Half-Life Server might allow attackers to execute arbitrary code or cause a denial of service via unspecified input related to geolocation, which triggers an error message from the (1) geoip_code2 or (2) geoip_code3 function, leading to a buffer overflow."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "41980", "refsource": "OSVDB", "url": "http://osvdb.org/41980"}, {"name": "http://bugs.alliedmods.net/?do=details&task_id=519", "refsource": "CONFIRM", "url": "http://bugs.alliedmods.net/?do=details&task_id=519"}, {"name": "26218", "refsource": "BID", "url": "http://www.securityfocus.com/bid/26218"}, {"name": "http://wiki.alliedmods.net/AMX_Mod_X_1.8.0_Changes", "refsource": "CONFIRM", "url": "http://wiki.alliedmods.net/AMX_Mod_X_1.8.0_Changes"}, {"name": "27411", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27411"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T15:39:13.714Z"}, "title": "CVE Program Container", "references": [{"name": "41980", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/41980"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://bugs.alliedmods.net/?do=details&task_id=519"}, {"name": "26218", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/26218"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://wiki.alliedmods.net/AMX_Mod_X_1.8.0_Changes"}, {"name": "27411", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/27411"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-5713", "datePublished": "2007-10-30T19:00:00", "dateReserved": "2007-10-30T00:00:00", "dateUpdated": "2024-08-07T15:39:13.714Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:amxmodx:amx_mod_x:1.76d:*:*:*:*:*:*:*", "matchCriteriaId": "66208985-F658-4C1F-9CD9-5CC9C305DE0F", "vulnerable": true}, {"criteria": "cpe:2.3:a:valve_software:half-life_dedicated_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "CC7463D9-F01F-44E3-91A9-AE15398223AB", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Off-by-one error in the GeoIP module in the AMX Mod X 1.76d plugin for Half-Life Server might allow attackers to execute arbitrary code or cause a denial of service via unspecified input related to geolocation, which triggers an error message from the (1) geoip_code2 or (2) geoip_code3 function, leading to a buffer overflow."}, {"lang": "es", "value": "Error de superaci\u00f3n de l\u00edmite (off-by-one) en el m\u00f3dulo GeoIP de la extensi\u00f3n AMX Mod X 1.76d para Half-Life Server podr\u00eda permitir a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n o provocar una denegaci\u00f3n de servicio mediante entradas no especificadas relacionadas con la localizaci\u00f3n geogr\u00e1fica, lo cual provoca un mensaje de error en las funciones (1) geoip_code2 o (2) geoip_code3, llegando a producir un desbordamiento de b\u00fafer."}], "id": "CVE-2007-5713", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-10-30T19:46:00.000", "references": [{"source": "cve@mitre.org", "url": "http://bugs.alliedmods.net/?do=details&task_id=519"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/41980"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/27411"}, {"source": "cve@mitre.org", "url": "http://wiki.alliedmods.net/AMX_Mod_X_1.8.0_Changes"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.securityfocus.com/bid/26218"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://bugs.alliedmods.net/?do=details&task_id=519"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/41980"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/27411"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://wiki.alliedmods.net/AMX_Mod_X_1.8.0_Changes"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.securityfocus.com/bid/26218"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-189"}], "source": "nvd@nist.gov", "type": "Primary"}]}