Ravens PHP Scripts

Call of Duty 4: Modern Warfare Denial of Service
Date: Tuesday, May 06, 2008 @ 20:07:12 PDT
Topic: Security


SECUNIA ADVISORY ID: SA30050

VERIFY ADVISORY: http://secunia.com/advisories/30050/

CRITICAL: Moderately critical

IMPACT: DoS

SOFTWARE: Call of Duty 4: Modern Warfare - http://secunia.com/product/18568/

DESCRIPTION: Luigi Auriemma has reported a vulnerability in Call of Duty 4: Modern Warfare, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is reported in version 1.5. Other versions may also be affected.



The vulnerability is caused due to an input validation error when processing type 7 "stats" commands and can be exploited to cause the server to crash via a specially crafted "stats" packet.

SOLUTION: Restrict access to game servers to trusted people only

PROVIDED AND/OR DISCOVERED BY: Luigi Auriemma

ORIGINAL ADVISORY: http://aluigi.altervista.org/adv/cod4statz-adv.txt






This article comes from Ravens PHP Scripts
http://www.ravenphpscripts.com

The URL for this story is:
http://www.ravenphpscripts.com/modules.php?name=News&file=article&sid=3320