### [CVE-2011-10014](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-10014)
![](https://img.shields.io/static/v1?label=Product&message=San%20Andreas%20Multiplayer&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=0.3.1.1%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-121%20Stack-based%20Buffer%20Overflow&color=brightgreen)

### Description

GTA San Andreas Multiplayer (SA-MP) server version 0.3.1.1 is vulnerable to a stack-based buffer overflow triggered by parsing a malformed server.cfg configuration file. The vulnerability allows local attackers to execute arbitrary code when the server binary (samp-server.exe) processes a crafted echo directive containing excessive input. The original 'sa-mp.com' site is defunct, but the community maintains mirrors and forks that may be vulnerable.

### POC

#### Reference
- https://www.exploit-db.com/exploits/17893
- https://www.exploit-db.com/exploits/18038
- https://www.vulncheck.com/advisories/gta-sa-mp-buffer-overflow

#### Github
No PoCs found on GitHub currently.