Advisory Name: "Starsiege: Tribes" DoS Release Date: 07/14/2003 Discovered: 06/09/2003 Application: Tribes.exe Platform: PC with Windows 2k; others not tested Severity: High Discovery: JadaCyruS <jadacyrusat_private> Author: st0ic <st0icat_private> Vendor: Sierra Entertainment - http://www.sierra.com/ Overview: Sierra's "StarSiege: Tribes" game is vulnerable to a DoS (Denial of Service) attack when running. Technical Overview: This vulnerability is exploited by sending a malformed UDP (User-Datagram Protocol) packet containing 255 arbitrary characters to the affected host on the game port (usually 28001) causing the host server to crash. If The server is running with help from InfiniteSpawn.exe, a program provided by the vendor that re-spawns the server when terminated, the server will be re-activated, but all previous game play and players are lost and disconnected. Fix: Contacted Sierra over a month ago and we were "forwarded to their database admin" from which we received no further feedback. So, no vendor fix available. Exploit: Attached PHP and C source code files. Notes: Tribes 2 (PC) and Tribes Aerial Assault (Playstation 2) are untested as no one at Fsix owns a copy of them. Lets hope there not vuln. -st0ic [http://www.fsix.net/]
This archive was generated by hypermail 2b30 : Mon Jul 14 2003 - 10:56:36 PDT