ID Software Quake 3 Engine Infostring Query Remote Denial of Service Vulnerability
BID:12534
Info
ID Software Quake 3 Engine Infostring Query Remote Denial of Service Vulnerability
| Bugtraq ID: | 12534 |
| Class: | Unknown |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 12 2005 12:00AM |
| Updated: | Feb 12 2005 12:00AM |
| Credit: | Discovered and reported by Luigi Auriemma <[email protected]>. |
| Vulnerable: |
Ritual Heavy Metal: F.A.K.K.2 1.0.2 Raven Software Star Trek Voyager: Elite Force 1.2 Raven Software Star Trek Voyager: Elite Force 1.1 Raven Software Star Trek Voyager: Elite Force 1.0 Raven Software Soldier Of Fortune 2 1.0 3 Raven Software Soldier Of Fortune 2 1.0 2 LucasArts Star Wars Jedi Knight: Jedi Academy 1.0.11 LucasArts Star Wars Jedi Knight II: Jedi Outcast 1.0.4 id Software Quake 3 Arena Server 1.29 g id Software Quake 3 Arena Server 1.29 f id Software Quake 3 Arena 1.31 id Software Quake 3 Arena 1.16 n id Software Quake 3 Arena 1.1.7 id Software Quake 3 Arena 1.1.7 Activision Wolfenstein: Enemy Territory 2.56 Activision Wolfenstein: Enemy Territory 1.0.2 Activision Star Trek: Elite Force II 1.10 Activision Return to Castle Wolfenstein 1.1 Activision Return to Castle Wolfenstein 1.0 Activision Call of Duty United Offensive 1.41 Activision Call of Duty 1.4 |
| Not Vulnerable: |
Activision Call of Duty United Offensive 1.5.1 b Activision Call of Duty 1.5 b |
Discussion
ID Software Quake 3 Engine Infostring Query Remote Denial of Service Vulnerability
It has been reported that the server is vulnerable to a remotely exploitable denial of service attack. The server can be made to crash if a client issues a query with a parameter of excessive length. This can be exploited to cause a denial of service condition.
It has been reported that the server is vulnerable to a remotely exploitable denial of service attack. The server can be made to crash if a client issues a query with a parameter of excessive length. This can be exploited to cause a denial of service condition.
Exploit / POC
ID Software Quake 3 Engine Infostring Query Remote Denial of Service Vulnerability
A proof of concept program is available:
http://aluigi.altervista.org/poc/q3infoboom.zip
A proof of concept program is available:
http://aluigi.altervista.org/poc/q3infoboom.zip
Solution / Fix
ID Software Quake 3 Engine Infostring Query Remote Denial of Service Vulnerability
Solution:
The following games have been fixed:
Call of Duty 1.5b
Call of Duty: United Offensive 1.51b
An unofficial patch has been made available by the discoverer of this vulnerability. It is *not* supported and has not been tested by Symantec:
http://aluigi.altervista.org/patches/q3infofix.zip
See the original advisory in the reference section.
Solution:
The following games have been fixed:
Call of Duty 1.5b
Call of Duty: United Offensive 1.51b
An unofficial patch has been made available by the discoverer of this vulnerability. It is *not* supported and has not been tested by Symantec:
http://aluigi.altervista.org/patches/q3infofix.zip
See the original advisory in the reference section.
References
ID Software Quake 3 Engine Infostring Query Remote Denial of Service Vulnerability
References:
References:
- Infostring crash and shutdown in the Quake 3 engine (Luigi Auriemma