Format string bug in Army Men RTS
From: Luigi Auriemma (aluigi_at_autistici.org)
Date: 11/14/04
- Previous message: Bart.Lansing_at_kohls.com: "Re: [Full-Disclosure] Re: U.S. 2004 Election Fraud."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 14 Nov 2004 20:44:58 +0000 To: bugtraq@securityfocus.com, bugs@securitytracker.com, news@securiteam.com, full-disclosure@lists.netsys.com, vuln@secunia.com
#######################################################################
Luigi Auriemma
Application: Army Men RTS
http://www.3do.com/armymen/armymen/
Versions: 1.0
Platforms: Windows
Bug: format string
Exploitation: remote, versus server
Date: 14 November 2004
Author: Luigi Auriemma
e-mail: aluigi@altervista.org
web: http://aluigi.altervista.org
#######################################################################
1) Introduction
2) Bug
3) The Code
4) Fix
#######################################################################
===============
1) Introduction
===============
Army Men RTS is a real-time strategy game developed by Pandemic Studios
(http://www.pandemicstudios.com) and released in March 2002.
#######################################################################
======
2) Bug
======
The game server is affected by a format string bug in the name of the
player that joins in it.
#######################################################################
===========
3) The Code
===========
Join a server using the nickname %n%n%n, it will crash immediately.
#######################################################################
======
4) Fix
======
No fix.
The game is no longer supported.
#######################################################################
---
Luigi Auriemma
http://aluigi.altervista.org
- Previous message: Bart.Lansing_at_kohls.com: "Re: [Full-Disclosure] Re: U.S. 2004 Election Fraud."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
