ID
VAR-201003-0518
TITLE
Cafu Denial of Service and Format String Vulnerability
Trust: 0.6
DESCRIPTION
Cafu is an open source game and 3D graphics engine. Cafu has multiple security vulnerabilities that can be exploited by remote attackers to perform denial of service or arbitrary code execution attacks. - Handling an incomplete \"CS0_RemoteConsoleCommand\" message triggers a null pointer reference and crashes the server. - When the client prints a chat message with a format string error, submitting a specially constructed message can corrupt the memory and can cause arbitrary instructions to be executed with application privileges. ---------------------------------------------------------------------- Use WSUS to deploy 3rd party patches Public BETA http://secunia.com/vulnerability_scanning/corporate/wsus_3rd_third_party_patching/ ---------------------------------------------------------------------- TITLE: Cafu Denial of Service and Format String Vulnerabilities SECUNIA ADVISORY ID: SA39054 VERIFY ADVISORY: http://secunia.com/advisories/39054/ DESCRIPTION: Luigi Auriemma has reported two vulnerabilities in Cafu, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the engine. 1) A NULL-pointer dereference when processing incomplete "CS0_RemoteConsoleCommand" packets can be exploited to crash an affected server. 2) A format string error when a client e.g. The vulnerabilities are reported in version 9.06. Other versions may also be affected. SOLUTION: Use the engine in trusted networks only. PROVIDED AND/OR DISCOVERED BY: Luigi Auriemma ORIGINAL ADVISORY: http://aluigi.altervista.org/adv/cafux-adv.txt ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
Trust: 0.63
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
AFFECTED PRODUCTS
| vendor: | no | model: | - | scope: | - | version: | - | Trust: 0.6 |
EXTERNAL IDS
| db: | SECUNIA | id: | 39054 | Trust: 0.7 |
| db: | CNVD | id: | CNVD-2010-0413 | Trust: 0.6 |
| db: | PACKETSTORM | id: | 87570 | Trust: 0.1 |
REFERENCES
| url: | http://secunia.com/advisories/39054/http | Trust: 0.6 |
| url: | http://secunia.com/advisories/39054/ | Trust: 0.1 |
| url: | http://secunia.com/advisories/secunia_security_advisories/ | Trust: 0.1 |
| url: | http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org | Trust: 0.1 |
| url: | http://aluigi.altervista.org/adv/cafux-adv.txt | Trust: 0.1 |
| url: | http://secunia.com/vulnerability_scanning/corporate/wsus_3rd_third_party_patching/ | Trust: 0.1 |
| url: | http://secunia.com/advisories/about_secunia_advisories/ | Trust: 0.1 |
CREDITS
Secunia
Trust: 0.1
SOURCES
| db: | CNVD | id: | CNVD-2010-0413 |
| db: | PACKETSTORM | id: | 87570 |
LAST UPDATE DATE
2022-05-17T02:01:26.695000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2010-0413 | date: | 2010-03-23T00:00:00 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2010-0413 | date: | 2010-03-23T00:00:00 |
| db: | PACKETSTORM | id: | 87570 | date: | 2010-03-23T15:17:24 |