CSDoom 2005 Multiple Buffer Overflow and Format String Vulnerabilities
BID:17248
Info
| Bugtraq ID: | 17248 |
| Class: | Unknown |
| CVE: | CVE-2006-1402, CVE-2006-1403 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 27 2006 12:00AM |
| Updated: | Feb 20 2007 08:28PM |
| Credit: | Luigi Auriemma discovered these issues. |
| Vulnerable: | X-Doom X-Doom VI 1.6.7; csDoom csDoom 2005 0.7 |
| Not Vulnerable: | |
Discussion
csDoom 2005 is prone to multiple buffer-overflow and format-string vulnerabilities.
The buffer-overflow issues are due to the application's failure to properly bounds-check user-supplied input data before copying it to an insufficiently sized memory buffer. The format-string vulnerabilities are due to the application's failure to properly sanitize user-supplied input before using it in a formatted-printing function.
These issues may allow attackers to execute arbitrary machine code in the context of the affected application. Failed exploit attempts will likely crash the targeted application. Both clients and servers are affected by these issues.
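The two defect classes described above, with hardened counterparts, as an added example that is not csDoom source code or part of the original advisory. The function names, the 16-byte field size and the sample inputs are assumptions constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define NAME_BUF 16  /* hypothetical fixed-size field, not csDoom's real size */

/* Vulnerable patterns described above, shown only as comments:
 *     strcpy(name, input);   copies without checking sizeof(name)
 *     printf(input);         peer-controlled text used as the format string
 */

/* Copy at most src_len bytes of untrusted input into dst.
 * Returns 0 on success, -1 if the input does not fit (rejected, not truncated). */
int copy_name(char *dst, size_t dst_size, const char *src, size_t src_len)
{
    if (dst == NULL || src == NULL || dst_size == 0)
        return -1;
    /* Stop at an embedded NUL, but never read past src_len. */
    const char *nul = memchr(src, '\0', src_len);
    size_t n = nul ? (size_t)(nul - src) : src_len;
    if (n >= dst_size) {          /* no room for data plus terminator */
        dst[0] = '\0';
        return -1;
    }
    memcpy(dst, src, n);
    dst[n] = '\0';
    return 0;
}

/* Build a chat line with a constant format string; untrusted text is only
 * ever an argument. Returns the length written, or -1 if it would not fit. */
int format_chat(char *out, size_t out_size, const char *player, const char *msg)
{
    int n = snprintf(out, out_size, "%s: %s", player, msg);
    if (n < 0 || (size_t)n >= out_size)
        return -1;
    return n;
}

int main(void)
{
    char name[NAME_BUF], line[64];
    const char long_name[] = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"; /* constructed, 32 bytes */

    printf("short name: %d\n", copy_name(name, sizeof name, "player1", 7));
    printf("long name:  %d\n", copy_name(name, sizeof name, long_name, sizeof long_name - 1));
    if (format_chat(line, sizeof line, "player1", "%x%x%n") > 0)
        puts(line);   /* specifiers appear as literal text */
    return 0;
}
```

Building with -Wformat -Wformat-security makes GCC and Clang flag calls that pass a non-literal string as the format argument.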
Exploit / POC
A proof-of-concept exploit application by Luigi Auriemma is available.
Solution / Fix
Solution:
The vendor has released a fixed version of the affected application to address these issues. The latest version of the source code to the game may be located at:
http://voxelsoft.com/csdoom/source.zip
References
References:
- csDoom Home Page (csDoom)
- Multiple vulnerabilities in csDoom 0.7 (Luigi Auriemma)