Raven Software Soldier Of Fortune 2 Remote Denial Of Service Vulnerability

Bugtraq ID:	12650
Class:	Failure to Handle Exceptional Conditions
CVE:
Remote:	Yes
Local:	No
Published:	Feb 24 2005 12:00AM
Updated:	Feb 24 2005 12:00AM
Credit:	Luigi Auriemma <[email protected]> is credited with the discovery of this issue.
Vulnerable:	Raven Software Soldier Of Fortune 2 1.0 3 Raven Software Soldier Of Fortune 2 1.0 2
Not Vulnerable:

Raven Software Soldier Of Fortune 2 Remote Denial Of Service Vulnerability

A remote denial of service vulnerability affects Raven Software Soldier Of Fortune 2. This issue is due to a failure of the application to handle excessively long values derived from network data.

An attacker may leverage this issue to cause an affected server to crash, denying service to legitimate users.

Raven Software Soldier Of Fortune 2 Remote Denial Of Service Vulnerability

The following exploit has been made available:

• /data/vulnerabilities/exploits/sof2guidboom.zip

Raven Software Soldier Of Fortune 2 Remote Denial Of Service Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.

Raven Software Soldier Of Fortune 2 Remote Denial Of Service Vulnerability

References:

• Raven Software Homepage (Raven Software)
  
• Soldier Of Fortune Homepage (Raven Software)
  
• In-game cl_guid crash in Soldier of Fortune II 1.03 (Luigi Auriemma )