ISS X-Force Database: sauerbraten-sprintf-dos(25086): Sauerbraten Game Engine sprintf() denial of service

Sauerbraten Game Engine sprintf() denial of service

sauerbraten-sprintf-dos (25086)

Low Risk

Description:

Sauerbraten is vulnerable to a denial of service attack. By sending a long map name (.ogz file) to the 'sprintf()' function, a remote attacker could cause the server to deny access to any new player attempting to join the active game and cause the client machine to crash.

Platforms Affected:

Cube Engine, Cube Engine 2005_08_29 & prior
Gentoo, Linux
Sauerbraten Game Engine, Sauerbraten Game Engine 2006_02_28 & prior

Remedy:

For Gentoo Linux:
Refer to Gentoo Linux Security Announcement GLSA 2006-03-10 for patch, upgrade, or suggested workaround information. See References.

Consequences:

Denial of Service

References:

BugTraq Mailing List, Mon Mar 06 2006 - 14:29:51 CST , Multiple vulnerabilities in Sauerbraten engine 2006_02_28 at http://archives.neohapsis.com/archives/bugtraq/2006-02/0666.html.
BugTraq Mailing List, Mon Mar 06 2006 - 14:31:21 CST , Multiple vulnerabilities in Cube engine 2005_08_29 at http://archives.neohapsis.com/archives/bugtraq/2006-02/0669.html.
Cube Engine Web site, CUBE at http://www.cubeengine.com/.
Sauerbraten Game Engine Web site, Sauerbraten Game Engine at http://sauerbraten.org/.
SourceForge.net, sauerbraten game engine at http://sourceforge.net/projects/sauerbraten/.
BID-16986: Sauerbraten Multiple Remote Vulnerabilities
CVE-2006-1102: Sauerbraten 2006_02_28, as derived from the Cube engine, allows remote attackers to cause a denial of service (client exit) by forcing the server to change to a map (ogz) file whose name contains .. sequences and has a certain length that prevents the addition of the .ogz extension.
GLSA-200603-10: Cube: Multiple vulnerabilities
SA19110: Cube Engine Buffer Overflow and Denial of Service
SA19111: Sauerbraten Engine Multiple Vulnerabilities
SA19199: Gentoo cube Buffer Overflow and Denial of Service
VUPEN/ADV-2006-0847: Cube Multiple Memory Corruption and Denial of Service Vulnerabilities
VUPEN/ADV-2006-0848: Sauerbraten Memory Corruption and Denial of Service Vulnerabilities

Reported:

Mar 06, 2006

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page