IPB

Welcome Guest ( Log In | Register )

 
 Reply to this topicStart new topic
> Buffer Overflows with Quake 3 Engine based network games, GAME
sl.Binaural
post May 6 2006, 12:48 PM
Post #1


Group Icon Chief_Translator

Group: RtCW/ET-Division

Joined: 26-September 04
From: Bonn, Germany
Member No.: 655
Players of Enemy Territory, Return to Castle Wolfenstein and Quake III Arena should be careful in future when connecting to an unknown server. There is a buffer overlow exploit around for the mentioned games with Quake 3 Engine, which plants code on the client and executes it. Therefore it will suffice to send a prepared RemapShader-order to the client.

The linux and also the windows-versions are affected, but the exploit works with linux-versions only at the moment. It opens on TCP-port 27670 a through network reachable shell. The error was found in versions of Enemy Territory 2.60, Return to Castle Wolfenstein 1.41 and Quake III Arena 1.32b. Other versions are potentially also affected. Up to now there is no patch closing this security hole.

Source: http://www.heise.de/newsticker/meldung/72780


--------------------
- Entweder Raum und Zeit oder der freie Wille ist eine Illusion. -


- BinauralBeatsProjec't - get your copy now! - as always free of charge
- additional material available here
Go to the top of the page
 
+Quote Post
« Next Oldest · NEWS - RtCW / ET - ENGLISH · Next Newest »
 

Reply to this topicStart new topic
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:

 

Display Mode: Standard · Switch to: Linear+ · Switch to: Outline

Track this topic · Email this topic · Print this topic · Subscribe to this forum

RSS Lo-Fi Version Time is now: 27th April 2024 - 07:53 PM
Powered By IP.Board © 2024  IPS, Inc.
Licensed to: www.splatterladder.com