ISS X-Force Database: sauerbraten-multiple-dos(25085): Sauerbraten Game Engine sgetstr() and getint() functions denial of service

Sauerbraten Game Engine sgetstr() and getint() functions denial of service

sauerbraten-multiple-dos (25085)

Low Risk

Description:

Sauerbraten is vulnerable to a denial of service attack. By sending long commands to the 'sgetstr()' function or to the 'getint()' function a remote attacker could overflow the memory buffers for these functions and cause the application to crash.

Platforms Affected:

Cube Engine, Cube Engine 2005_08_29 & prior
Gentoo, Linux
Sauerbraten Game Engine, Sauerbraten Game Engine 2006_02_28 & prior

Remedy:

For Gentoo Linux:
Refer to Gentoo Linux Security Announcement GLSA 2006-03-10 for patch, upgrade, or suggested workaround information. See References.

Consequences:

Denial of Service

References:

BugTraq Mailing List, Mon Mar 06 2006 - 14:29:51 CST , Multiple vulnerabilities in Sauerbraten engine 2006_02_28 at http://archives.neohapsis.com/archives/bugtraq/2006-02/0666.html.
BugTraq Mailing List, Mon Mar 06 2006 - 14:31:21 CST , Multiple vulnerabilities in Cube engine 2005_08_29 at http://archives.neohapsis.com/archives/bugtraq/2006-02/0669.html.
Cube Engine Web site, CUBE at http://www.cubeengine.com/.
Sauerbraten Game Engine Web site, Sauerbraten Game Engine at http://sauerbraten.org/.
SourceForge.net, sauerbraten game engine at http://sourceforge.net/projects/sauerbraten/.
BID-16986: Sauerbraten Multiple Remote Vulnerabilities
CVE-2006-1101: The (1) sgetstr and (2) getint functions in Sauerbraten 2006_02_28, as derived from the Cube engine, allow remote attackers to cause a denial of service (segmentation fault) via long streams of input data that trigger an out-of-bounds read, as demonstrated using SV_EXT tag data in the Cube engine, which is not properly handled by getint.
GLSA-200603-10: Cube: Multiple vulnerabilities
SA19110: Cube Engine Buffer Overflow and Denial of Service
SA19111: Sauerbraten Engine Multiple Vulnerabilities
SA19199: Gentoo cube Buffer Overflow and Denial of Service
VUPEN/ADV-2006-0847: Cube Multiple Memory Corruption and Denial of Service Vulnerabilities
VUPEN/ADV-2006-0848: Sauerbraten Memory Corruption and Denial of Service Vulnerabilities

Reported:

Mar 06, 2006

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page