LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

quake3: arbitrary command/code execution

Package(s):quake3 CVE #(s):CVE-2011-1412 CVE-2011-2764
Created:August 9, 2011 Updated:March 8, 2012
Description: From the CVE entries:

sys/sys_unix.c in the ioQuake3 engine on Unix and Linux, as used in World of Padman 1.5.x before 1.5.1.1 and OpenArena 0.8.x-15 and 0.8.x-16, allows remote game servers to execute arbitrary commands via shell metacharacters in a long fs_game variable. (CVE-2011-1412)

The FS_CheckFilenameIsNotExecutable function in qcommon/files.c in the ioQuake3 engine 1.36 and earlier, as used in World of Padman, Smokin' Guns, OpenArena, Tremulous, and ioUrbanTerror, does not properly determine dangerous file extensions, which allows remote attackers to execute arbitrary code via a crafted third-party addon that creates a Trojan horse DLL file. (CVE-2011-2764)

Alerts:
Fedora FEDORA-2011-9898 2011-07-31
Fedora FEDORA-2011-9774 2011-07-31
Fedora FEDORA-2011-9898 2011-07-31
Fedora FEDORA-2011-9774 2011-07-31
Mageia MGASA-2012-0148 2012-07-09
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds