Wednesday, May 07, 2008 2:42 PM
cmosby
Call of Duty 4: Modern Warfare Denial of Service - Advisories - Secunia
Call of Duty 4: Modern Warfare Denial of Service
Secunia Advisory:
SA30050
Release Date:
2008-05-06
Critical:
Moderately critical
Impact:
DoS
Where:
From remote
Solution Status:
Unpatched
Software:
Call of Duty 4: Modern Warfare
Description:
Luigi Auriemma has reported a vulnerability in Call of Duty 4: Modern Warfare, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to an input validation error when processing type 7 "stats" commands and can be exploited to cause the server to crash via a specially crafted "stats" packet.
The vulnerability is reported in version 1.5. Other versions may also be affected.
Solution:
Restrict access to game servers to trusted people only
Provided and/or discovered by:
Luigi Auriemma
Original Advisory:
http://aluigi.altervista.org/adv/cod4statz-adv.txt