Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Bugtraq
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Crash in Alpha Black Zero 1.04

from [Luigi Auriemma] Network Security [Permanent Link]
Subject: Crash in Alpha Black Zero 1.04
Date: Wed, 29 Sep 2004 21:11:57 +0000 

#######################################################################

                             Luigi Auriemma

Application:  Alpha Black Zero: Intrepid Protocol
              http://www.playlogicgames.nl/abz/
Versions:     <= 1.04
Platforms:    Windows
Bug:          crash
Risk:         medium
Exploitation: remote, versus server
Date:         29 September 2004
Author:       Luigi Auriemma
              e-mail: aluigi@altervista.org
              web:    http://aluigi.altervista.org


#######################################################################


1) Introduction
2) Bug
3) The Code
4) Fix


#######################################################################

===============
1) Introduction
===============


Alpha Black Zero (ABZ) is a third person strategic shooter developed by
Khaeon (http://www.khaeon.nl) and released in August 2004.


#######################################################################

======
2) Bug
======


Like any existent game, also ABZ supports a maximum nuber of players in
multiplayer mode.
The problem is that players are not limited by the server which crashs
if too much clients tries to join.
Then the possibility to emulate a join request with only one UDP packet
makes the bug very easy to exploit.


#######################################################################

===========
3) The Code
===========


http://aluigi.altervista.org/poc/abzboom.zip


#######################################################################

======
4) Fix
======


No fix.
The game is no longer supported.


#######################################################################


--- 
Luigi Auriemma
http://aluigi.altervista.org
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • Crash in Alpha Black Zero 1.04, Luigi Auriemma <=
Previous by Date:  Re: Default username/password pairs in ON Command CCM 5.x database backend, Sep 20 2004 2:24PM, Sym Security
Next by Date:  Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes, Casper Dik
Previous by Thread:  Re: Default username/password pairs in ON Command CCM 5.x database backend, Sep 20 2004 2:24PM, Sym Security
Next by Thread:  @lex Guestbook (PHP) Include file, Himeur Nourredine
Indexes:  [Date] [Thread] [Top] [All Lists]