ISS X-Force Database: sauerbraten-sgetstr-bo(25083): Sauerbraten Game Engine sgetstr() function buffer overflow

Sauerbraten Game Engine sgetstr() function buffer overflow

sauerbraten-sgetstr-bo (25083)

Medium Risk

Description:

Sauerbraten is vulnerable to a buffer overflow, caused by improper bounds checking by the 'sgetstr()' function. By sending a large amount of data to the 'sgetstr()' function, a remote attacker could overflow a buffer and execute arbitrary code on the system.

NOTE: Cube Engine version 2005_08_29 and prior are also vulnerable to this vulnerability.

Platforms Affected:

Cube Engine, Cube Engine 2005_08_29 & prior
Gentoo, Linux
Sauerbraten Game Engine, Sauerbraten Game Engine 2006_02_28 & prior

Remedy:

For Gentoo Linux:
Refer to Gentoo Linux Security Announcement GLSA 2006-03-10 for patch, upgrade, or suggested workaround information. See References.

Consequences:

Gain Access

References:

BugTraq Mailing List, Mon Mar 06 2006 - 14:29:51 CST , Multiple vulnerabilities in Sauerbraten engine 2006_02_28 at http://archives.neohapsis.com/archives/bugtraq/2006-02/0666.html.
BugTraq Mailing List, Mon Mar 06 2006 - 14:31:21 CST , Multiple vulnerabilities in Cube engine 2005_08_29 at http://archives.neohapsis.com/archives/bugtraq/2006-02/0669.html.
Cube Engine Web site, CUBE at http://www.cubeengine.com/.
Sauerbraten Game Engine Web site, Sauerbraten Game Engine at http://sauerbraten.org/.
SourceForge.net, sauerbraten game engine at http://sourceforge.net/projects/sauerbraten/.
BID-16986: Sauerbraten Multiple Remote Vulnerabilities
CVE-2006-1100: Buffer overflow in the sgetstr function in shared/cube.h in Sauerbraten 2006_02_28 and earlier, as derived from the Cube engine, allows remote attackers to execute arbitrary code via long streams of input data.
GLSA-200603-10: Cube: Multiple vulnerabilities
SA19110: Cube Engine Buffer Overflow and Denial of Service
SA19111: Sauerbraten Engine Multiple Vulnerabilities
SA19199: Gentoo cube Buffer Overflow and Denial of Service
VUPEN/ADV-2006-0847: Cube Multiple Memory Corruption and Denial of Service Vulnerabilities
VUPEN/ADV-2006-0848: Sauerbraten Memory Corruption and Denial of Service Vulnerabilities

Reported:

Mar 06, 2006

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page