----------------------------------------------------------------------

TITLE:
Sacrifice Format String and Buffer Overflow Vulnerabilities

SECUNIA ADVISORY ID:
SA16308

VERIFY ADVISORY:
http://secunia.com/advisories/16308/

CRITICAL:
Highly critical

IMPACT:
DoS, System access

WHERE:
From remote

SOFTWARE:
Sacrifice
http://secunia.com/product/5472/

DESCRIPTION:
Luigi Auriemma has reported two vulnerabilities in Sacrifice, which
potentially can be exploited by malicious people to compromise a
vulnerable system.

1) A format string error in game3d.dll when generating text strings
for display can potentially be exploited to execute arbitrary code
via a specially crafted string containing format specifiers.

2) A boundary error in the online chat interface can be exploited to
cause a buffer overflow via a specially crafted, overly long (more
than 256 bytes) string.

Both vulnerabilities can reportedly be exploited by sending specially
crafted input to the software's IRC public chat channel.

The vulnerabilities have been reported in all versions up to and
including patch #3.

SOLUTION:
Don't use the online chat functionality and play multiplayer games on
trusted networks only.

PROVIDED AND/OR DISCOVERED BY:
Luigi Auriemma

ORIGINAL ADVISORY:
http://aluigi.altervista.org/adv/sacrifice-adv.txt

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keep their systems up to date against the latest
vulnerabilities.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------
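ADDED EXAMPLE:
The two bug classes in the DESCRIPTION, seen from the fix side. This is an added illustration, not code from Sacrifice, Secunia or the original advisory. The function name, the "<nick> message" layout and the 256-byte buffer size (taken from the advisory's "more than 256 bytes") are assumptions.

```c
#include <stdio.h>
#include <string.h>

/* Assumed display buffer size, based on the advisory's "more than 256 bytes". */
#define CHAT_BUF_SIZE 256

/*
 * Patterns that produce the two reported bug classes (comments only):
 *   sprintf(out, msg);   peer text is used as the format string
 *   strcpy(out, msg);    peer text is copied with no length check
 *
 * Hardened form: the format string is a constant, peer text is only ever
 * passed as a "%s" argument, and snprintf() bounds the write to out_size.
 *
 * Returns 0 if the whole line fit, 1 if it was truncated, -1 on bad input.
 */
int render_chat_line(char *out, size_t out_size,
                     const char *nick, const char *msg)
{
    int n;

    if (out == NULL || out_size == 0 || nick == NULL || msg == NULL)
        return -1;

    n = snprintf(out, out_size, "<%s> %s", nick, msg);
    if (n < 0) {              /* encoding error: leave an empty string */
        out[0] = '\0';
        return -1;
    }
    /* snprintf returns the length it wanted to write; >= size means cut. */
    return ((size_t)n >= out_size) ? 1 : 0;
}

int main(void)
{
    char out[CHAT_BUF_SIZE];
    char longmsg[400];                    /* constructed over-long input */
    int rc;

    memset(longmsg, 'A', sizeof longmsg - 1);
    longmsg[sizeof longmsg - 1] = '\0';

    /* Constructed message with format specifiers: shown literally. */
    rc = render_chat_line(out, sizeof out, "peer", "%x%x%n");
    printf("rc=%d line=%s\n", rc, out);

    rc = render_chat_line(out, sizeof out, "peer", longmsg);
    printf("rc=%d stored=%zu bytes\n", rc, strlen(out));
    return 0;
}
```

A caller can treat return value 1 as a reason to drop the line rather than display a truncated one.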