oss-sec mailing list archives

CVE Request -- alienarena - 7.31

From: Jan Lieskovsky <jlieskov () redhat com>
Date: Fri, 23 Oct 2009 10:57:21 +0200

Hello Steve, vendors,

  remotely exploitable buffer overflow flaw by processing specially-crafted UDP reply from game
server (leading to arbitrary code execution) was fixed in latest upstream alienarena-7.31
release.

References:
-----------
http://www.ngssoftware.com/brochures/Anonymous.Remote.Arbitrary.Code.Execution.in.Alien.Arena.pdf (More descriptive 
issue details)
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=552038 (Original source)
http://icculus.org/alienarena/changelogs/7.31.txt (Revisions 1390 and 1391).

Upstream patch:
---------------
http://svn.icculus.org/alienarena/trunk/source/client/menu.c?r1=1383&r2=1391 (Merged change of 1390 and 1391)

Could you allocate a CVE identifier?

Thanks && Regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Response Team

Current thread:

CVE Request -- alienarena - 7.31 Jan Lieskovsky (Oct 23)
- Re: CVE Request -- alienarena - 7.31 Josh Bressers (Oct 23)