|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
[SA11182] Terminator 3: Rise Of The Machines Broadcast Buffer Overflow
From: Secunia Security Advisories (sec-adv
secunia.com)
Date: Mon Mar 22 2004 - 09:05:58 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
TITLE:
Terminator 3: Rise Of The Machines Broadcast Buffer Overflow
SECUNIA ADVISORY ID:
SA11182
VERIFY ADVISORY:
http://secunia.com/advisories/11182/
CRITICAL:
Highly critical
IMPACT:
DoS, System access
WHERE:
From remote
SOFTWARE:
Terminator 3: Rise Of The Machines
DESCRIPTION:
Luigi Auriemma has reported a vulnerability in Terminator 3: Rise Of
The Machines, allowing malicious people to cause a Denial of Service
or potentially compromise a vulnerable system.
When a client enters the "Multiplayer" menu, it sends a request to
the master server for available servers. Each server then returns a
reply containing information about the server.
However, a boundary error exists in the client within the routine for
handling these replies. This can be exploited via a malicious server
to cause a buffer overflow by returning overly long server info in a
reply.
Successful exploitation may allow execution of arbitrary code on a
user's system.
SOLUTION:
Do only play multiplayer games on trusted local networks.
PROVIDED AND/OR DISCOVERED BY:
Luigi Auriemma
ORIGINAL ADVISORY:
http://aluigi.altervista.org/adv/t3cbof-adv.txt
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
----------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]