SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Game)  >   Haegemonia Vendors:   Digital Reality, Wanadoo
Haegemonia Game Packet Length Index Overflow Lets Remote Users Deny Service
SecurityTracker Alert ID:  1009205
SecurityTracker URL:  http://securitytracker.com/id/1009205
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Feb 25 2004
Impact:   Denial of service via network
Exploit Included:  Yes  
Version(s): 1.07 and prior versions
Description:   A vulnerability was reported in the Haegemonia game. A remote user can cause the game server to crash.

Luigi Auriemma reported that a remote user can send a chat message packet that contains a value identifying the length of the message that is longer than it should be given the actual length of the message. This will cause the application to read from unallocated memory and crash, the report said.

A demonstration exploit is available at:

http://aluigi.altervista.org/poc/hgmcrash.zip

The vendor has reportedly been notified.

Impact:   A remote user can cause the game server to crash.
Solution:   No solution was available at the time of this entry.
Vendor URL:  www.haegemonia.com/ (Links to External Site)
Cause:   Boundary error
Underlying OS:  Windows (Any)

Message History:   None.


 Source Message Contents

Subject:  Remote server crash in Haegemonia <= 1.07



#######################################################################

                             Luigi Auriemma

Application:  Haegemonia
              http://www.haegemonia.com
Versions:     <= 1.07
Platforms:    Windows
Bug:          reading of unallocated memory (crash)
Risk:         high
Exploitation: remote, versus server
Date:         24 Feb 2004
Author:       Luigi Auriemma
              e-mail: aluigi@altervista.org
              web:    http://aluigi.altervista.org


#######################################################################


1) Introduction
2) Bug
3) The Code
4) Fix


#######################################################################

===============
1) Introduction
===============


Haegemonia is a strategic space combat game developed by Digital
Reality (http://www.digitalreality.hu) released in the 2002.
This game has excellent ambient musics but its network protocol seems a
bit bugged...


#######################################################################

======
2) Bug
======


The bug is a classical reading of unallocated memory caused by the
sending of a packet containing a chat message with a too big 32bit
number identifying the length of the message.


#######################################################################

===========
3) The Code
===========


http://aluigi.altervista.org/poc/hgmcrash.zip


#######################################################################

======
4) Fix
======


No fix.
Developers have not replied to my mails.


#######################################################################


--- 
Luigi Auriemma
http://aluigi.altervista.org

 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC