lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Date: Thu, 26 Jun 2014 15:30:08 +0100
From: info <info@...veritas.com>
To: fulldisclosure@...lists.org
Subject: [FD] SECV-05-1401 - Vulnerability on World of Tanks servers


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SECV-05-1401 - Vulnerability on World of Tanks servers

Product description:

World of Tanks is a massively multiplayer online game developed by
Belarusian company Wargaming.net featuring early to mid-20th century era
fighting vehicles.It is built upon a freemium business model where the
game is free-to-play, but participants also have the option of paying a
fee for use of "premium" features. The focus is on player vs. player
gameplay with each player controlling an armored vehicle, which may be a
tank, tank destroyer, or self-propelled gun. World of Tanks debuted as
an eSports game at the World Cyber Games 2012.
        
CVE-ID: n/a
Affected versions: n/a

Vendor url: http://www.worldoftanks.com
Vulnerability status: Fixed
Advisory url: http://www.secveritas.com/secv-05-1401.html

Vulnerability details:
The vulnerability didn't affected used data. Both parties agreed not to
disclose further details about the vulnerability.

Timeline:
    16th May 14 - Ticket was open on Wargaming.net support.
    18th May 14 - Wargaming.net recognized
    12th Jun 14 - Wargaming.net announced that the problem was fixed
    14th Jun 14 - SECVeritas.com retested and confirmed that servers
around the world were patched
    18th Jun 14 - Both parties agreed on disclosure terms
    26th Jun 14 - Public disclosure

Credits:
ms - secveritas.com
2014
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBAgAGBQJTrC5lAAoJEN3eoZ/uAn51ICIH/2JZavPNHMnEoSFN99IKd0Ap
oK0G3IvrwEkEpDb7/L1HHf2VltZTQzPBPe27gDm9oei/i/6VCPfZR3QGk7n04CbS
m+JbKfQJUSJ//YuIHAH5vQxjhpItlgKaiLGGqzNSRtnKcq9aw8onMY/zf9fiZBF4
qp9QHrsH7pjDgqWyucEZlmoIOBc/atzvYBD9e4Vhvs0xSPSUctNfCpDSYqVsj8MB
XjufQb093pyoDRhSu+Bkn5OOSupMCx6OXiGrQt3+T36pbMAGH7mrhCwIFhYeWrdj
bwi0Aql9xQ71fegT6Hf+heOq237JbpBty+FKW1uuHOktdXBkizmdG4IrgX3oCRM=
=qE6F
-----END PGP SIGNATURE-----


_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists