lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <000a01c4cb3f$c46ea420$0700a8c0@pchome> Date: Mon, 15 Nov 2004 20:20:20 +0200 From: "Manowar" <manowar@....ro> To: "Luigi Auriemma" <aluigi@...istici.org>, bugtraq@...urityfocus.com, bugs@...uritytracker.com, news@...uriteam.com, full-disclosure@...ts.netsys.com, vuln@...unia.com Subject: Re: Format string bug in Army Men RTS i don't suppose you noticed 3do has been gone from the gaming scene for years, did you? should we expect any buffer overflow in wolf3d/spear of destiny any time soon? have a nice day. ----- Original Message ----- From: "Luigi Auriemma" <aluigi@...istici.org> To: <bugtraq@...urityfocus.com>; <bugs@...uritytracker.com>; <news@...uriteam.com>; <full-disclosure@...ts.netsys.com>; <vuln@...unia.com> Sent: Sunday, November 14, 2004 10:44 PM Subject: Format string bug in Army Men RTS > > ####################################################################### > > Luigi Auriemma > > Application: Army Men RTS > http://www.3do.com/armymen/armymen/ > Versions: 1.0 > Platforms: Windows > Bug: format string > Exploitation: remote, versus server > Date: 14 November 2004 > Author: Luigi Auriemma > e-mail: aluigi@...ervista.org > web: http://aluigi.altervista.org > > > ####################################################################### > > > 1) Introduction > 2) Bug > 3) The Code > 4) Fix > > > ####################################################################### > > =============== > 1) Introduction > =============== > > > Army Men RTS is a real-time strategy game developed by Pandemic Studios > (http://www.pandemicstudios.com) and released in March 2002. > > > ####################################################################### > > ====== > 2) Bug > ====== > > > The game server is affected by a format string bug in the name of the > player that joins in it. > > > ####################################################################### > > =========== > 3) The Code > =========== > > > Join a server using the nickname %n%n%n, it will crash immediately. > > > ####################################################################### > > ====== > 4) Fix > ====== > > > No fix. > The game is no longer supported. > > > ####################################################################### > > > --- > Luigi Auriemma > http://aluigi.altervista.org > > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists