Warzone 2100 "recvTextMessage()" and "NETrecvFile()" Buffer Overflow Vulnerabilities
Technical Description



Two vulnerabilitieshave been identified in Warzone 2100, which could be exploited byremote attackers to cause a denial of service or execute arbitrarycommands.



The first issue is due to a buffer overflow error in the"recvTextMessage()" [multiplay.c] function that does not properlyhandle overly long messages, which could be exploited by remoteattackers to crash or compromise a vulnerable application.



The second flaw is due to a buffer overflow error in the"NETrecvFile()" [lib/netplay/netplay.c] function that does not properlyhandle an overly long filename, which could be exploited by remoteattackers to crash or compromise a vulnerable application.



Affected Products



Warzone 2100 version 2.0.3 and prior



Solution



A fix is available via SVN :

http://svn.gna.org/viewcvs/warzone/tags/2.0.3/



더보기

댓글,