Scorched 3D ComsMessageHandler.cpp Remote Overflow

2005-11-02T04:46:16
ID OSVDB:20468
Type osvdb
Reporter Luigi Auriemma(aluigi@autistici.org)
Modified 2005-11-02T04:46:16

Description

Vulnerability Description

A remote overflow exists in Scorched 3D. The ComsMessageHandler.cpp component fails to validate command names resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

A remote overflow exists in Scorched 3D. The ComsMessageHandler.cpp component fails to validate command names resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.

References:

Vendor URL: http://www.scorched3d.co.uk Secunia Advisory ID:17549 Secunia Advisory ID:17423 Related OSVDB ID: 20466 Related OSVDB ID: 20467 Related OSVDB ID: 20465 Related OSVDB ID: 20469 Other Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200511-12.xml Other Advisory URL: http://aluigi.altervista.org/adv/scorchbugs-adv.txt Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0070.html FrSIRT Advisory: ADV-2005-2288 CVE-2005-3487 Bugtraq ID: 15292