Title: Halflife Map Command Buffer Overflow Vulnerability
Severity: MODERATE
Description:
Halflife is a popular internet gaming client and server software package. It is maintained and distributed by Sierra Studios.
The software package provides remote gaming facilities to users of the Counterstrike, Halflife, and Team Fortress Classic game series, as well as other like gaming packages.
A problem with the map command may permit a buffer overflow, and lead to execution of arbitrary code. The map command is a privileged command that is normally implemented with access control. It is used by a privileged user to change the playmap that is currently in use by users of the Halflife server.
Due to insufficient bounds checking, it is possible to overflow a buffer in the map command. Upon input of 58 to 59 characters, the buffer holding argument to the map command overflows, overwriting variables on the stack including the return address.
Affected Products:
- Valve Software Half-Life 1.1.0.0.4 Linux
- Valve Software Half-Life 1.1.0.0.4 Windows
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
