2024-11-21, 18:28 *
Welcome, Guest. Please login or register.

Login with username, password and session length
 
Pages: [1]
  Print  
Author Topic: Quake III Arena 1.32c Binaries (And for iD Q3A based-games)  (Read 6637 times)
0 Members and 2 Guests are viewing this topic.
Lopson
 

Elite
*
Posts: 1133

Still Going In Circles

« on: 2006-07-10, 10:17 »

A binary patch has been released by iD for the following games: Quake III Arena, Wolfenstein : Enemy Territory, Return to Castle Wolfenstein. Readme is here:

Code:
CVE-2006-2082: directory traversal / information leak in Quake III Arena auto download feature

Ludwig Nussel and Thilo Shulz discovered a vulnerability letting a malicious client download files from a server if auto download is enabled ( sv_allowDownload 1 ).

Issue #2 ( CVE pending ): R_RemapShaders buffer overflow

A second issue fixed in this release would let a malicious server exploit a buffer overflow to execute a shellcode on connecting clients.

--
Updated binaries for the following games are available:

Quake III Arena - fixed at version 1.32c
Return To Castle Wolfenstein - fixed at version 1.41b
Wolfenstein: Enemy Territory - fixed at version 2.60b

If you run a server with any older version, please upgrade or consider turning off autodownload ( set sv_allowDownload to 0 ). Wolfenstein: Enemy Territory servers http/ftp download feature is not affected by CVE-2006-2082. If you don't wish to upgrade, you can decide to only enable http/ftp downloads and disable legacy downloads in that particular case.

Finally, server administrators should note that game servers should be running in restricted environments as much as possible ( unpriviledged accounts and chroot jails ). It's a good thing to do the same for clients, or at least ensure that you are properly firewalled.

The most weird thing is that there is nothing in the iD software site regarding this, but it is an official patch made by iD Software. Phoenix, please take a look at this so that you can correct this in the generations exe that you are compiling.
Logged

Phoenix
Bird of Fire
 

Team Member
Elite (7.5k+)
*********
Posts: 8814

WWW
« Reply #1 on: 2006-07-10, 15:01 »

Thanks for the post.  I've been aware of the R_RemapShaders buffer overflow vulnerability, but I was not aware of this notice.  The fix will be implemented in the upcoming Generations binary.  Currently we have autodownloading disabled on Central and Euro, so this poses no threat to our existing stable Gen servers.  As soon as the binary is available I would recommend everyone patching to 1.32c.
Logged


I fly into the night, on wings of fire burning bright...
Lopson
 

Elite
*
Posts: 1133

Still Going In Circles

« Reply #2 on: 2006-07-11, 15:03 »

On a sidenote: The Punkbuster Client for these games have recieved a patch regarding some issues caused by this patch. In case you don't know the drill:
PBSETUP.EXE
EDIT: Also, a link for the patch. YOU MUST HAVE 1.32b INSTALLED:
Patch 1.32c
« Last Edit: 2006-07-11, 15:08 by [KruzadeR] » Logged

Pages: [1]
  Print  
 
Jump to: