Secunia Advisory: SA20401 Print Advisory
Release Date: 2006-06-05
Critical:Moderately critical
Impact: DoS
System access
Where: From remote
Solution Status: Unpatched
Software: Quake3 Engine 3.x
Select a product and view a complete list of all Patched/Unpatched Secunia advisories affecting it.
Description:
Luigi Auriemma has reported a vulnerability in the Quake3 Engine, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a user's system.
The vulnerability is caused due to a boundary error within the "CL_ParseDownload()" function in "code/client/cl_parse.c" when handling the download commands received from the server. This can be exploited to cause a stack-based buffer overflow via a malicious "svc_download" command sent from the server.
Successful exploitation may allow arbitrary code execution but requires that e.g. the user is tricked into connecting to a malicious server.
The vulnerability has been reported in Quake III 1.32c. Other versions may also be affected.
Note: Other products based on the Quake3 engine may also be affected.
Solution:
Do not connect to untrusted game servers.
Provided and/or discovered by:
Luigi Auriemma
Original Advisory:
http://aluigi.altervista.org/adv/q3cbof-adv.txt
Bollettino Secunia[/ur]
Release Date: 2006-06-05
Critical:Moderately critical
Impact: DoS
System access
Where: From remote
Solution Status: Unpatched
Software: Quake3 Engine 3.x
Select a product and view a complete list of all Patched/Unpatched Secunia advisories affecting it.
Description:
Luigi Auriemma has reported a vulnerability in the Quake3 Engine, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a user's system.
The vulnerability is caused due to a boundary error within the "CL_ParseDownload()" function in "code/client/cl_parse.c" when handling the download commands received from the server. This can be exploited to cause a stack-based buffer overflow via a malicious "svc_download" command sent from the server.
Successful exploitation may allow arbitrary code execution but requires that e.g. the user is tricked into connecting to a malicious server.
The vulnerability has been reported in Quake III 1.32c. Other versions may also be affected.
Note: Other products based on the Quake3 engine may also be affected.
Solution:
Do not connect to untrusted game servers.
Provided and/or discovered by:
Luigi Auriemma
Original Advisory:
http://aluigi.altervista.org/adv/q3cbof-adv.txt
Bollettino Secunia[/ur]