Title: Halflife Linux Server rcon Vulnerabilities
Severity: MODERATE
Description:
Halflife Dedicated Linux Server is a software package used to host Halflife games for network gaming. A vulnerability discovered in this package allows a user to remotely gain access to the host running the software.
The first problem occurs through a machine connected to the Halflife server. The rcon command of the Halflife Linux Dedicated Server calls a function which contains an unchecked buffer. In this scenario, a malicious user can bring up the game command console to execute commands, similar to that of an IRC server console, and send an rcon command to the server with enough data to overwrite the return address, causing the server to crash.
The second problem is a format string vulnerability. A function within rcon does not validate the input to the rcon command buffer, which is passed to the sprintf() function. A malicious user can therefore pass a specially formatted string via the rcon command that may result in remote code execution.
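The two flaws described above (an unbounded write, and user input used as the sprintf() format) are shown here as a pattern beside a hardened form. This is an added example, not Valve's code: the function name `rcon_copy_command`, the `RCON_BUF` size and the handler shape are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define RCON_BUF 64   /* assumed size; the advisory does not state the real one */

/*
 * Vulnerable pattern of the kind the advisory describes (comment only, not compiled):
 *
 *     char buf[RCON_BUF];
 *     sprintf(buf, cmd);
 *
 * cmd comes from the network. It is used as the format string, so conversion
 * specifiers inside it are interpreted, and sprintf() has no limit on how
 * much it writes into buf.
 */

/*
 * Hardened form (hypothetical helper): the input is treated as data via a
 * constant "%s" format, the write is bounded by out_len, and input that does
 * not fit is rejected rather than silently truncated.
 * Returns 0 on success, -1 on bad arguments or oversized input.
 */
int rcon_copy_command(char *out, size_t out_len, const char *cmd)
{
    if (out == NULL || out_len == 0 || cmd == NULL)
        return -1;

    int n = snprintf(out, out_len, "%s", cmd);
    if (n < 0 || (size_t)n >= out_len) {
        out[0] = '\0';          /* leave no partial command behind */
        return -1;
    }
    return 0;
}

int main(void)
{
    char buf[RCON_BUF];
    /* Constructed sample inputs: a normal command and one full of specifiers. */
    const char *samples[] = { "status", "%x%x%n%s" };

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        int rc = rcon_copy_command(buf, sizeof buf, samples[i]);
        printf("rc=%d buf=\"%s\"\n", rc, buf);
    }
    return 0;
}
```

Compiling with `-Wformat -Wformat-security` (GCC and Clang) flags calls where a non-literal string is passed as the format argument.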
Affected Products:
- Valve Software Half-Life Dedicated Server 3.1.3