Response from Activision re: RTCW?

From: Mark Spencer (dreadnought@arsenal.net)
Date: 03/10/02 

From: "Mark Spencer" <dreadnought@arsenal.net>
To: <incidents@securityfocus.com>
Date: Sun, 10 Mar 2002 08:14:38 -0800

While running a Return to Castle Wolfenstein server on a W2K Advanced box, I
noticed what appeared to be a couple buffer overflow attempts in the server
command window. I sent the following to Activision and they didn't give me
much of an answer. So this is a two part question, hopefully to the correct
forum:

1.) I'm assuming this is poor business practice to recommend I go to fan
sites to research something as critical as security issues?

and

2.) Are there known RTCW exploits? I haven't been able to find any
information on this.

Here's the deal:

Hello,

Thank you for your interest and support in Activision.

Unfortunately, Activision only provides support for enabling a basic
dedicated server. For any advanced configuration issues, network
troubleshooting, or if you just need more information you may want to try
looking over fan sites for Return to Castle Wolfenstein and Quake III Arena.
www.planetwolfenstein.com/server
www.3dactionplanet.com/wolfenstein
www.planetquake.com

Customer (Mark) 02/04/2002 02:41 PM
Are there any known server exploits for Return to Castle Wolfenstein? I've
seen some strange things in the dedicated server window that look like
buffer overflow attempts.

If there is a better place to ask (the developer?) please let me know the
email address.

Thanks,

Mark

----------------------------------------------------
Sign Up for NetZero Platinum Today
Only $9.95 per month!
http://my.netzero.net/s/signup?r=platinum&refcd=PT97

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com

Relevant Pages

  • [NT] Multiple Vulnerabilities in JanaServer
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... Windows platform can act as HTTP/FTP/NEWS/SNTP server, ... JanaServer up to 1.46 was freeware, ... HTTP server buffer overflow ...
    (Securiteam)
  • Switch Off Multiple Vulnerabilities
    ... Stack-based Buffer Overflow ... execute arbitrary code on the remote system - possibly with SYSTEM ... cause the server to execute a specially crafted request which will trigger ... vulnerability before such code is made public, ...
    (Bugtraq)
  • [VulnWatch] Switch Off Multiple Vulnerabilities
    ... Stack-based Buffer Overflow ... execute arbitrary code on the remote system - possibly with SYSTEM ... cause the server to execute a specially crafted request which will trigger ... vulnerability before such code is made public, ...
    (VulnWatch)
  • Remote buffer overflow in MailEnable IMAP service [Hat-Squad Advisory]
    ... MailEnable's Mail Server software provides a enterprise messaging platform for Microsoft Windows NT/2000/XP/2003 systems. ... Two vulnerabilities were discovered by Hat-Squad Team in MailEnable's IMAP service including a stack based buffer overflow ... and an object pointer overwrite, both can lead to remote execution of arbitrary code. ... 8198 bytes will cause a stack buffer overflow.This vulnerability can be triggered before any kind of authentification. ...
    (Bugtraq)
  • [VulnWatch] IA WebMail Server 3.x Buffer Overflow Vulnerability
    ... IA WebMail Server 3.x Buffer Overflow Vulnerability ... the execution of a 'retn' instruction. ... It is also possible to execute a fairly large amount of code ...
    (VulnWatch)