Quake 3 Engine remapShader Command Remote Buffer Overflow Vulnerability
BID:17857
Info
| Bugtraq ID: | 17857 |
| Class: | Boundary Condition Error |
| CVE: | CVE-2006-2236 |
| Remote: | Yes |
| Local: | No |
| Published: | May 05 2006 12:00AM |
| Updated: | May 17 2010 06:52PM |
| Credit: | Discovery is credited to landser <[email protected]>. |
| Vulnerable: | Red Hat Fedora 13; Red Hat Fedora 12; id Software Wolfenstein: Enemy Territory 2.60; id Software Return to Castle Wolfenstein 1.41; id Software Quake 3 Engine 1.32 b; id Software Quake 3 Arena 1.32 b; Gentoo Linux |
| Not Vulnerable: | id Software Wolfenstein: Enemy Territory 2.60b; id Software Return to Castle Wolfenstein 1.41b; id Software Quake 3 Arena 1.32c |
Discussion
The Quake 3 engine is susceptible to a remote buffer-overflow vulnerability. This issue is due to the application's failure to properly bounds-check user-supplied data before copying it to an insufficiently sized memory buffer.
Remote attackers may exploit this issue to execute arbitrary machine code in the context of affected game clients. Failed exploit attempts will likely crash affected clients.
This vulnerability reportedly affects the following games:
- Quake 3 Arena
- Return to Castle Wolfenstein
- Wolfenstein: Enemy Territory
Other games may also be affected.
Exploit / POC
The following exploit is available:
Solution / Fix
Solution:
id Software has released patches. Please see references for details.
id Software Quake 3 Arena 1.32 b
- id Software Quake III Arena 1.32c Patch (linux)
  http://www.idsoftware.com/downloads/shambler.php?id=8001
- id Software Quake III Arena 1.32c Patch (mac)
  http://www.idsoftware.com/downloads/shambler.php?id=8002
- id Software Quake III Arena 1.32c Patch (win32)
  http://www.idsoftware.com/downloads/shambler.php?id=8000
id Software Return to Castle Wolfenstein 1.41
- id Software Return to Castle Wolfenstein 1.41b Patch (linux)
  http://www.idsoftware.com/downloads/shambler.php?id=10001
- id Software Return to Castle Wolfenstein 1.41b Patch (win32)
  http://www.idsoftware.com/downloads/shambler.php?id=10000
id Software Wolfenstein: Enemy Territory 2.60
- id Software Wolfenstein: Enemy Territory 2.60b Patch (linux)
  http://www.idsoftware.com/downloads/shambler.php?id=11001
- id Software Wolfenstein: Enemy Territory 2.60b Patch (mac)
  http://www.idsoftware.com/downloads/shambler.php?id=11002
- id Software Wolfenstein: Enemy Territory 2.60b Patch (win32)
  http://www.idsoftware.com/downloads/shambler.php?id=11000
References
References:
- id Software Home Page (id Software)
- Quake3 Arena Homepage (id Software)