Secunia Advisories

August 2, 2005

Below are the Secunia Security Advisories rated as Highly Critical (or higher) from August 2, 2005.

• Secunia Advisory 16290
  Trustix update for multiple packages
  • Criticality: High
  • Description: Trustix has issued various updated packages. These fix some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges, by malicious users to cause a DoS (Denial of Service), or by malicious people to gain knowledge of sensitive information, conduct HTTP request smuggling attacks, or compromise a vulnerable system.
  • Secunia Advisory: http://secunia.com/advisories/16290/

• Secunia Advisory 16308
  Sacrifice Format String and Buffer Overflow Vulnerabilities
  • Criticality: High
  • Description: Luigi Auriemma has reported two vulnerabilities in Sacrifice, which potentially can be exploited by malicious people to compromise a vulnerable system.
    1. A format string error in game3d.dll when generating text strings for display can potentially be exploited to execute arbitrary code via a specially crafted string containing format specifiers.
    2. A boundary error in the online chat interface can be exploited to cause a buffer overflow via a specially crafted, overly long (more than 256 bytes) string.
    Both vulnerabilities can reportedly be exploited by sending specially crafted input to the software's IRC public chat channel.
  • Secunia Advisory: http://secunia.com/advisories/16308/