IPB

Welcome Guest ( Log In | Register )

 
Reply to this topicStart new topic
> Buffer Overflows with Quake 3 Engine based network games, GAME
sl.Binaural
post May 6 2006, 12:48 PM
Post #1


Group Icon Chief_Translator

Group: RtCW/ET-Division

Joined: 26-September 04
From: Bonn, Germany
Member No.: 655



Players of Enemy Territory, Return to Castle Wolfenstein and Quake III Arena should be careful in future when connecting to an unknown server. There is a buffer overlow exploit around for the mentioned games with Quake 3 Engine, which plants code on the client and executes it. Therefore it will suffice to send a prepared RemapShader-order to the client.

The linux and also the windows-versions are affected, but the exploit works with linux-versions only at the moment. It opens on TCP-port 27670 a through network reachable shell. The error was found in versions of Enemy Territory 2.60, Return to Castle Wolfenstein 1.41 and Quake III Arena 1.32b. Other versions are potentially also affected. Up to now there is no patch closing this security hole.

Source: http://www.heise.de/newsticker/meldung/72780


--------------------
Go to the top of the page
 
+Quote Post

Reply to this topicStart new topic
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:

 



RSS Lo-Fi Version Time is now: 20th November 2017 - 04:25 PM