lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <000a01c4cb3f$c46ea420$0700a8c0@pchome>
Date: Mon, 15 Nov 2004 20:20:20 +0200
From: "Manowar" <manowar@....ro>
To: "Luigi Auriemma" <aluigi@...istici.org>, bugtraq@...urityfocus.com,
   bugs@...uritytracker.com, news@...uriteam.com,
   full-disclosure@...ts.netsys.com, vuln@...unia.com
Subject: Re: Format string bug in Army Men RTS


i don't suppose you noticed 3do has been gone from the gaming scene for 
years, did you?
should we expect any buffer overflow in wolf3d/spear of destiny any time 
soon?
have a nice day.

----- Original Message ----- 
From: "Luigi Auriemma" <aluigi@...istici.org>
To: <bugtraq@...urityfocus.com>; <bugs@...uritytracker.com>; 
<news@...uriteam.com>; <full-disclosure@...ts.netsys.com>; 
<vuln@...unia.com>
Sent: Sunday, November 14, 2004 10:44 PM
Subject: Format string bug in Army Men RTS


>
> #######################################################################
>
>                             Luigi Auriemma
>
> Application:  Army Men RTS
>              http://www.3do.com/armymen/armymen/
> Versions:     1.0
> Platforms:    Windows
> Bug:          format string
> Exploitation: remote, versus server
> Date:         14 November 2004
> Author:       Luigi Auriemma
>              e-mail: aluigi@...ervista.org
>              web:    http://aluigi.altervista.org
>
>
> #######################################################################
>
>
> 1) Introduction
> 2) Bug
> 3) The Code
> 4) Fix
>
>
> #######################################################################
>
> ===============
> 1) Introduction
> ===============
>
>
> Army Men RTS is a real-time strategy game developed by Pandemic Studios
> (http://www.pandemicstudios.com) and released in March 2002.
>
>
> #######################################################################
>
> ======
> 2) Bug
> ======
>
>
> The game server is affected by a format string bug in the name of the
> player that joins in it.
>
>
> #######################################################################
>
> ===========
> 3) The Code
> ===========
>
>
> Join a server using the nickname %n%n%n, it will crash immediately.
>
>
> #######################################################################
>
> ======
> 4) Fix
> ======
>
>
> No fix.
> The game is no longer supported.
>
>
> #######################################################################
>
>
> --- 
> Luigi Auriemma
> http://aluigi.altervista.org
>
> 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Powered by blists - more mailing lists