Vulnerability Description
MultiTheftAuto 0.5 patch 1 and earlier does not properly verify client privileges when running command 40, which allows remote attackers to change or delete the message of the day (motd.txt).
CVSS Score
5.0
MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Multitheftauto | Multitheftauto | <= 0.5_patch_1 |
References
- http://aluigi.altervista.org/adv/mtaboom-adv.txtExploitVendor Advisory
- http://lists.grok.org.uk/pipermail/full-disclosure/2005-September/037384.htmlExploitVendor Advisory
- http://secunia.com/advisories/16926/Vendor Advisory
- http://aluigi.altervista.org/adv/mtaboom-adv.txtExploitVendor Advisory
- http://lists.grok.org.uk/pipermail/full-disclosure/2005-September/037384.htmlExploitVendor Advisory
- http://secunia.com/advisories/16926/Vendor Advisory
FAQ
What is CVE-2005-3064?
CVE-2005-3064 is a vulnerability with a CVSS score of 5.0 (MEDIUM). MultiTheftAuto 0.5 patch 1 and earlier does not properly verify client privileges when running command 40, which allows remote attackers to change or delete the message of the day (motd.txt).
How severe is CVE-2005-3064?
CVE-2005-3064 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-3064?
Check the references section above for vendor advisories and patch information. Affected products include: Multitheftauto Multitheftauto.