Title: RndLabs Babo Violent 2 Multiple Vulnerabilities
Severity: HIGH
Description:
Babo Violent 2 is a multiplayer game for Microsoft Windows and Linux.
Babo Violent 2 is prone to four vulnerabilities:
1. A format-string issue affects an output function. An attacker can exploit this issue by sending a malicious message or administrative authentication data. Successful attacks may allow attackers to crash the server or execute arbitrary code.
2. A denial-of-service vulnerability arises when a client sends a request for a map that doesn't exist. The server fails to handle this request properly and crashes.
3. A denial-of-service vulnerability allows attackers to crash clients and servers by sending a malformed UDP packet over UDP port 11111. The UDP packet required to carry out this attack would have a 16-bit size value that is larger than the actual size of the data in the packet.
4. A denial-of-service vulnerability can occur when an attacker sends data packets with ID 0xca, 0xcb, 0xcc, 0xce, 0xcf or 0xd0 and the first byte is specified to a value that is greater than or equal to 0x28.
Successful attacks could allow attackers to execute arbitrary code or crash game servers.
Affected Products:
- RndLabs Babo Violent 2 2.08
References:
- RndLabs: Babo Violent 2
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
