|
Vulnerability Assessment & Network Security Forums |
|||||||||
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery. Home >> Browse Vulnerability Assessment Database >> Gentoo Local Security Checks >> [GLSA-200407-14] Unreal Tournament 2003/2004: Buffer overflow in \'secure\' queries Vulnerability Assessment Details
|
[GLSA-200407-14] Unreal Tournament 2003/2004: Buffer overflow in \'secure\' queries |
||
Unreal Tournament 2003/2004: Buffer overflow in 'secure' queries Detailed Explanation for this Vulnerability Assessment The remote host is affected by the vulnerability described in GLSA-200407-14 (Unreal Tournament 2003/2004: Buffer overflow in 'secure' queries) The Unreal-based game servers support a specific type of query called 'secure'. Part of the Gamespy protocol, this query is used to ask if the game server is able to calculate an exact response using a provided string. Luigi Auriemma found that sending a long 'secure' query triggers a buffer overflow in the game server. Impact By sending a malicious UDP-based 'secure' query, a possible hacker could execute arbitrary code on the game server. Workaround Users can avoid this vulnerability by not using Unreal Tournament to host games as a server. All users running a server should upgrade to the latest versions. References: http://aluigi.altervista.org/adv/unsecure-adv.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0608 Solution: All Unreal Tournament users should upgrade to the latest available versions: # emerge sync # emerge -pv ">=games-fps/ut2003-2225-r3" # emerge ">=games-fps/ut2003-2225-r3" # emerge -pv ">=games-server/ut2003-ded-2225-r2" # emerge ">=games-server/ut2003-ded-2225-r2" # emerge -pv ">=games-fps/ut2004-3236" # emerge ">=games-fps/ut2004-3236" # emerge -pv ">=games-fps/ut2004-demo-3120-r4" # emerge ">=games-fps/ut2004-demo-3120-r4" Network Security Threat Level: High Networks Security ID: Vulnerability Assessment Copyright: (C) 2005 Michel Arboi |
||
Cables, Connectors |
Gaming PC RTX 3080 Zotac Gaming, AMD Ryzen 7 5800X 3.8 GHz 8- Core Processor
$850.00
FAST Dell TOUCHSCREEN 8th Gen Intel Quad Core 16GB RAM Pick SSD Wi-Fi BT Win11
$199.00
ALLEGIANCE Desktop Computer Gaming PC: Intel 8 Core 128GB RAM, 2TB SSD, GeForce
$687.99
Intel - Core i9-13900K 13th Gen 24 cores 8 P-cores + 16 E-cores 36M Cache, 3 ...
$689.99
Intel - Core i7-13700K 13th Gen 16 cores 8 P-cores + 8 E-cores 30M Cache, 3.4...
$489.99
Intel - Core i9-12900K Desktop Processor 16 (8P+8E) Cores up to 5.2 GHz Unloc...
$619.99
Apple iMac Pro 2017 27 Inch 5K 3.2 GHz 8-Core Xeon 64GB RAM 1TB Vega
$1295.00
Intel - Core i5-13600K 13th Gen 14 cores 6 P-cores + 8 E-cores 24M Cache, 3.5...
$339.99
Intel NUC Core i7 8th Gen - Mini PC Kit BOXNUC8I7BEH1
$300.00
SONOMA Apple MacBook Pro 16" 5.0GHz i9 8 CORE - 5500M 8GB - 64GB RAM 1TB SSD
$1269.60
|
||
No Discussions have been posted on this vulnerability. |