---------------------------------------------------------------------- Want a new IT Security job? Vacant positions at Secunia: http://secunia.com/secunia_vacancies/ ---------------------------------------------------------------------- TITLE: FUN labs Various Games Denial of Service Vulnerabilities SECUNIA ADVISORY ID: SA14638 VERIFY ADVISORY: http://secunia.com/advisories/14638/ CRITICAL: Moderately critical IMPACT: DoS WHERE: >From remote SOFTWARE: U.S. Most Wanted: Nowhere to hide http://secunia.com/product/4821/ Shadow Force: Razor Unit http://secunia.com/product/4820/ Secret Service: In Harm's Way http://secunia.com/product/4819/ Revolution http://secunia.com/product/4818/ Cabela's Dangerous Hunts http://secunia.com/product/4817/ Cabela's 4x4 Offroad Adventure III http://secunia.com/product/4814/ DESCRIPTION: Luigi Auriemma has reported two vulnerabilities in various FUN labs games, which can be exploited by malicious people to cause a DoS (Denial of Service). 1) An error in the communication handling can be exploited to cause a vulnerable service to stop processing further traffic by sending an empty UDP datagram to an affected server. 2) A boundary error in the handling of join packets can be exploited to crash a vulnerable server. The vulnerabilities have been reported in the following games: * Cabela's 4x4 Offroad Adventure III * Cabela's Dangerous Hunts * Revolution * Secret Service: In Harm's Way * Shadow Force: Razor Unit * U.S. Most Wanted: Nowhere to hide Other games from FUN labs may also be affected. SOLUTION: Host games on trusted networks only. PROVIDED AND/OR DISCOVERED BY: Luigi Auriemma ORIGINAL ADVISORY: http://aluigi.altervista.org/adv/funlabsboom-adv.txt ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------