Buffer overflow bug shakes Quake
PrintNetwork gamers asked to upgrade
Posted in Security, 2nd August 2001 12:23 GMT
Free whitepaper – Dell IT infrastructure services brochure
A security flaw involving the server software that allows Quake III players to play the popular shoot-them-up over a network has been reported.
According to a posting on respected security mailing list BugTraq, a buffer overflow vulnerability in Quake III Arena Server could allow a malicious users to crash a system hosting the game.
The issue, which has been reported to id Software which developed the game, has the potential, as with all buffer overflow bugs, to allow an attacker to execute arbitrary code on a server, potentially enabling him to take control of a machine.
Both Quake III Arena 1.29f and 1.29g are affected by the problem, and earlier versions of the software are believed to be safe.
A beta version of Quake III 1.29h, which addresses a "server crash exploit" and improves game play had been released by id Software, which is recommending that users of Quake III Arena 1.29f and 1.29g should upgrade. ®
External Links
Quake III arena
Discussion of the security problem from BugTraq
Analyst Keynote: The Register Agile Data Center Summit
What Exchange can't do - and Dell can
Enabling The Agile Data Center
Analyst Keynote: The Register Agile Data Center Summit
Breaching Fort Apache.org - What went wrong?
Snow Leopard security - The good, the bad and the missing
US Dems fill inboxes with 419 scams
BlockMaster SafeStick hardware-encrypted USB drive