Call of Duty 4: Modern Warfare Denial of Service

Posted on Tuesday, May 06, 2008 @ 20:07:12 CDT in Security
by Raven

SECUNIA ADVISORY ID: SA30050

VERIFY ADVISORY: http://secunia.com/advisories/30050/

CRITICAL: Moderately critical

IMPACT: DoS

SOFTWARE: Call of Duty 4: Modern Warfare - http://secunia.com/product/18568/

DESCRIPTION: Luigi Auriemma has reported a vulnerability in Call of Duty 4: Modern Warfare, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is reported in version 1.5. Other versions may also be affected.

The vulnerability is caused by an input validation error when processing type 7 "stats" commands and can be exploited to crash the server via a specially crafted "stats" packet.

SOLUTION: Restrict access to game servers to trusted people only.

PROVIDED AND/OR DISCOVERED BY: Luigi Auriemma

ORIGINAL ADVISORY: http://aluigi.altervista.org/adv/cod4statz-adv.txt