Buffer overflow bug shakes Quake
Network gamers asked to upgrade
Posted in Security, 2nd August 2001 12:23 GMT
Free whitepaper – Enabling Datacenter and Cloud Service Management for Mid-Tier Enterprises
A security flaw involving the server software that allows Quake III players to play the popular shoot-them-up over a network has been reported.
According to a posting on respected security mailing list BugTraq, a buffer overflow vulnerability in Quake III Arena Server could allow a malicious users to crash a system hosting the game.
The issue, which has been reported to id Software which developed the game, has the potential, as with all buffer overflow bugs, to allow an attacker to execute arbitrary code on a server, potentially enabling him to take control of a machine.
Both Quake III Arena 1.29f and 1.29g are affected by the problem, and earlier versions of the software are believed to be safe.
A beta version of Quake III 1.29h, which addresses a "server crash exploit" and improves game play had been released by id Software, which is recommending that users of Quake III Arena 1.29f and 1.29g should upgrade. ®
External Links
Quake III arena
Discussion of the security problem from BugTraq
Related Stories
Free whitepaper – Enabling Datacenter and Cloud Service Management for Mid-Tier Enterprises
Enabling Datacenter and Cloud Service Management for Mid-Tier Enterprises
The Register Guide to Web Security
Register Research on: Application Platforms
Linux on the Desktop
The Evolving Security Landscape
