Desert Rats vs. Afrika Korps Chat Message Remote overflow

2004-02-24T00:00:00
ID OSVDB:10632
Type osvdb
Reporter Luigi Auriemma(aluigi@altervista.org)
Modified 2004-02-24T00:00:00

Description

Vulnerability Description

A remote overflow exists in Desert Rats vs. Afrika Korps Chat Package. The package fails check to boundary resulting in a buffer overflow. By sending a packet containing a chat message with a large 32bit number identifying the length of the message, an attacker can cause a denial of service or execute arbitrary command on the system, resulting in a loss of integrity or availability.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

A remote overflow exists in Desert Rats vs. Afrika Korps Chat Package. The package fails check to boundary resulting in a buffer overflow. By sending a packet containing a chat message with a large 32bit number identifying the length of the message, an attacker can cause a denial of service or execute arbitrary command on the system, resulting in a loss of integrity or availability.

References:

Vendor URL: http://www.desertratsgame.com Related OSVDB ID: 10631 Other Advisory URL: http://aluigi.altervista.org/adv/hgmcrash-adv.txt Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-02/0619.html ISS X-Force ID: 15307 CVE-2004-2361