Multiple games developed by FUN labs, including 4X4 Off-road Adventure III, Big Game Hunter, Dangerous Hunts, Deer Hunt, Revolution, Secret Service, Shadow Force, and US Most Wanted, allow remote attackers to cause a denial of service via an empty UDP packet to the server, which cannot detect that a new packet has arrived using the socket ioctl.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| 4x4_off-road_adventure_iii | Funlabs | * | * |
| Cabelas_big_game_hunter_2004_season | Funlabs | * | * |
| Cabelas_big_game_hunter_2005 | Funlabs | * | * |
| Cabelas_dangerous_hunts | Funlabs | * | * |
| Cabelas_deer_hunt_2005_season | Funlabs | * | * |
| Revolution | Funlabs | * | * |
| Secret_service_in_harms_way | Funlabs | * | * |
| Shadow_force_razor_unit | Funlabs | * | * |
| Us_most_wanted_nowhere_to_hide | Funlabs | * | * |
References
- http://aluigi.altervista.org/adv/funlabsboom-adv.txt
- http://secunia.com/advisories/14638
- http://securitytracker.com/id?1013492
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19762
- http://aluigi.altervista.org/adv/funlabsboom-adv.txt
- http://secunia.com/advisories/14638
- http://securitytracker.com/id?1013492
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19762