sl.Home | sl.Search | sl.Forum | sl.Settings | sl.Serverlist | sl.Maplist | sl.Team | sl.Wiki |
Buffer Overflows with Quake 3 Engine based network games, GAME |
May 6 2006, 12:48 PM
Post
#1
|
|
Chief_Translator Group: RtCW/ET-Division Joined: 26-September 04 From: Bonn, Germany Member No.: 655 |
Players of Enemy Territory, Return to Castle Wolfenstein and Quake III Arena should be careful in future when connecting to an unknown server. There is a buffer overlow exploit around for the mentioned games with Quake 3 Engine, which plants code on the client and executes it. Therefore it will suffice to send a prepared RemapShader-order to the client.
The linux and also the windows-versions are affected, but the exploit works with linux-versions only at the moment. It opens on TCP-port 27670 a through network reachable shell. The error was found in versions of Enemy Territory 2.60, Return to Castle Wolfenstein 1.41 and Quake III Arena 1.32b. Other versions are potentially also affected. Up to now there is no patch closing this security hole. Source: http://www.heise.de/newsticker/meldung/72780 -------------------- |
|
|
Lo-Fi Version | Time is now: 11th November 2024 - 03:56 PM |