FYI...
------------------------------------------------------TITLE:
America's Army Special Forces Unreal Engine Denial Of Service
SECUNIA ADVISORY ID:
SA27015
VERIFY ADVISORY:
http://secunia.com/advisories/27015/ CRITICAL:
Moderately critical
IMPACT:
DoS
WHERE:
From remote
SOFTWARE:
America's Army Special Forces 2.x
http://secunia.com/product/15910/ DESCRIPTION:
Luigi Auriemma has reported some vulnerabilities in America's Army,
which can be exploited by malicious people to cause a DoS (Denial of
Service).
For more information:
SA26506
Successful exploitation requires that the "PunkBuster" feature is
enabled on the affected server.
The vulnerabilities are reported in version 2.8.2 and prior. Other
versions may also be affected.
SOLUTION:
Host games on a trusted network only.
PROVIDED AND/OR DISCOVERED BY:
Luigi Auriemma
--------------------------------------------------------------------TITLE:
Doom 3 Engine Format String Vulnerability
SECUNIA ADVISORY ID:
SA27002
VERIFY ADVISORY:
http://secunia.com/advisories/27002/ CRITICAL:
Highly critical
IMPACT:
DoS, System access
WHERE:
From remote
SOFTWARE:
DOOM 3 Version 1.x
http://secunia.com/product/5843/ DESCRIPTION:
Luigi Auriemma has reported a vulnerability in Doom 3, which can be
exploited by malicious people to cause a DoS (Denial of Service) or
potentially to compromise a vulnerable system.
The vulnerability is caused due to a format string error in the Doom
3 engine when displaying certain PunkBuster packets in the game
console. This can be exploited via specially crafted "PB_Y" or "PB_U"
packets sent to the server.
Successful exploitation may allow execution of arbitrary code but
requires that PunkBuster is active on the server.
SOLUTION:
Host games only in a trusted network environment.
PROVIDED AND/OR DISCOVERED BY:
Luigi Auriemma
---------------------------------------------------------------------