|
Sacrifice Format String and Buffer Overflow Vulnerabilities
|
|
Secunia Advisory:
|
SA16308
|
|
|
Release Date:
|
2005-08-02
|
|
Popularity:
|
5,291 views
|
|
|
Critical:
|
Highly critical
|
|
Impact:
|
DoS
System access
|
|
Where:
|
From remote
|
|
Solution Status:
|
Unpatched
|
|
| Software: | Sacrifice
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities 
|
|
Description:
Luigi Auriemma has reported two vulnerabilities in Sacrifice, which potentially can be exploited by malicious people to compromise a vulnerable system.
1) A format string error in game3d.dll when generating text strings for display can potentially be exploited to execute arbitrary code via a specially crafted string containing format specifiers.
2) A boundary error in the online chat interface can be exploited to cause a buffer overflow via a specially crafted, overly long (more than 256 bytes) string.
Both vulnerabilities can reportedly be exploited by sending specially crafted input to the software's IRC public chat channel.
The vulnerabilities have been reported in all versions up to and including patch #3.
Solution:
Don't use the online chat functionality and play multiplayer games on trusted networks only.
Provided and/or discovered by:
Luigi Auriemma
Original Advisory:
http://aluigi.altervista.org/adv/sacrifice-adv.txt
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
