Buffer-overflow in Age of Sail II 1.04.151

From: Luigi Auriemma (aluigi_at_autistici.org)
Date: 10/20/04

  • Next message: Danny: "Re: [Full-Disclosure] Senior M$ member says stop using passwords completely!"
    Date: Wed, 20 Oct 2004 18:08:14 +0000
    To: bugtraq@securityfocus.com, bugs@securitytracker.com, news@securiteam.com, full-disclosure@lists.netsys.com, vuln@secunia.com
    
    

    #######################################################################

                                 Luigi Auriemma

    Application: Privateer's Bounty: Age of Sail II
                  http://www.akella.com/aos2/
    Versions: <= 1.04.151 (seems also known as 1.55/1.56)
    Platforms: Windows
    Bug: buffer-overflow
    Exploitation: remote, versus server
    Date: 20 October 2004
    Author: Luigi Auriemma
                  e-mail: aluigi@altervista.org
                  web: http://aluigi.altervista.org

    #######################################################################

    1) Introduction
    2) Bug
    3) The Code
    4) Fix

    #######################################################################

    ===============
    1) Introduction
    ===============

    Age of Sail II is a naval strategy game developed by Akella
    (http://www.akella.com) and released in the 2001.

    #######################################################################

    ======
    2) Bug
    ======

    The game is affected by a buffer-overflow happening when an attacker
    joins in the server using a nickname of at least 144 bytes.

    #######################################################################

    ===========
    3) The Code
    ===========

    http://aluigi.altervista.org/poc/aos2bof.zip

    #######################################################################

    ======
    4) Fix
    ======

    No fix.
    Vendor didn't reply to my mails.

    #######################################################################

    ---
    Luigi Auriemma
    http://aluigi.altervista.org


  • Next message: Danny: "Re: [Full-Disclosure] Senior M$ member says stop using passwords completely!"

    Relevant Pages