TITLE:
Call of Duty "callvote map" Buffer Overflow

SECUNIA ADVISORY ID:
SA22078

VERIFY ADVISORY:
http://secunia.com/advisories/22078/

CRITICAL:
Highly critical

IMPACT:
DoS, System access

WHERE:
From remote

SOFTWARE:
Call of Duty United Offensive 1.x
http://secunia.com/product/12102/
Call of Duty 2
http://secunia.com/product/12103/
Call of Duty 1.x
http://secunia.com/product/12101/

DESCRIPTION:
A vulnerability has been reported in Call of Duty, Call of Duty
United Offensive, and Call of Duty 2, which can be exploited by
malicious people to cause a DoS (Denial of Service) and potentially
compromise a vulnerable system.

The vulnerability is caused due to a boundary error within the
"callvote map" command. This can be exploited to cause a buffer
overflow by calling the command with a long "MAP" parameter (more
than 64 bytes).

Successful exploitation may allow the execution of arbitrary code.

The vulnerability has been reported in:
Call of Duty version 1.5b
Call of Duty United Offensive version 1.51b
Call of Duty 2 version 1.3

Other versions may also be affected.

SOLUTION:
Restrict access to game servers to trusted people only.

PROVIDED AND/OR DISCOVERED BY:
Discovered in the wild and reported by an anonymous game server
administrator to Luigi Auriemma.
ORIGINAL ADVISORY:
http://aluigi.altervista.org/adv/codmapbof-adv.txt
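
The boundary check that the DESCRIPTION says is missing, as an added example (not code from the game, from Secunia, or from the original advisory): a hypothetical filter that measures the "callvote map" argument before any copy is made. The function and type names, the use of the advisory's 64-byte figure as a fixed limit, and the sample commands in the usage are assumptions.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>

/* Assumed limit, taken from the advisory: a MAP value of more than 64 bytes
 * overflows. Rejecting at 64 leaves room for the terminating NUL. */
#define MAP_ARG_MAX 64

enum vote_check { VOTE_NOT_MAP = 0, VOTE_OK = 1, VOTE_REJECT = -1 };

/* Skip leading blanks; return the next token's start and set *len. */
static const char *next_token(const char *s, size_t *len)
{
    while (*s && isspace((unsigned char)*s)) s++;
    *len = strcspn(s, " \t\r\n");
    return s;
}

/* Case-insensitive comparison of a token with a lowercase keyword. */
static int token_is(const char *tok, size_t len, const char *kw)
{
    if (len != strlen(kw)) return 0;
    for (size_t i = 0; i < len; i++)
        if (tolower((unsigned char)tok[i]) != kw[i]) return 0;
    return 1;
}

/* Hypothetical filter for one client command line. On VOTE_OK the map name
 * is copied, NUL-terminated, into out (out_size bytes). */
enum vote_check check_callvote_map(const char *cmd, char *out, size_t out_size)
{
    size_t len;
    const char *tok = next_token(cmd, &len);
    if (!token_is(tok, len, "callvote")) return VOTE_NOT_MAP;
    tok = next_token(tok + len, &len);
    if (!token_is(tok, len, "map")) return VOTE_NOT_MAP;
    /* Measure the whole remainder, so quoting or embedded blanks cannot
     * hide extra bytes from the length check. */
    const char *arg = tok + len;
    while (*arg && isspace((unsigned char)*arg)) arg++;
    len = strlen(arg);
    while (len && isspace((unsigned char)arg[len - 1])) len--;
    /* Reject instead of truncating; the length is known before the copy. */
    if (len == 0 || len >= MAP_ARG_MAX || len >= out_size) return VOTE_REJECT;
    memcpy(out, arg, len);
    out[len] = '\0';
    return VOTE_OK;
}
```

A caller would drop or log any line for which the function returns VOTE_REJECT instead of passing it on to the vote handler.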