Quake 3 engine based games: Buffer Overflow

Quake 3 engine based games: Buffer Overflow The Quake 3 engine has a vulnerability that could be exploited to execute arbitrary code. quake 2006-05-10 2006-05-10 132377 remote 1.32c 1.32c 1.41b 1.41b 2.60b 2.60b

Quake 3 is a multiplayer first person shooter.

landser discovered a vulnerability within the "remapShader" command. Due to a boundary handling error in "remapShader", there is a possibility of a buffer overflow.

An attacker could set up a malicious game server and entice users to connect to it, potentially resulting in the execution of arbitrary code with the rights of the game user.

Do not connect to untrusted game servers.

All Quake 3 users should upgrade to the latest version:


    # emerge --sync
    # emerge --ask --oneshot --verbose ">=games-fps/quake3-bin-1.32c"

All RTCW users should upgrade to the latest version:


    # emerge --sync
    # emerge --ask --oneshot --verbose ">=games-fps/rtcw-1.41b"

All Enemy Territory users should upgrade to the latest version:


    # emerge --sync
    # emerge --ask --oneshot --verbose ">=games-fps/enemy-territory-2.60b"

CVE-2006-2236 koon koon fox2mike