[Full-disclosure] NULL pointer crash in World in Conflict 1.000

### Luigi Auriemma Application: World in Conflict http://www.worldinconflict.com Versions: = 1.000 Platforms:Windows Bug: access to NULL pointer Exploitation: remote

[Full-disclosure] Format string in The Dawn of Time 1.69s beta4

### Luigi Auriemma Application: The Dawn of Time http://www.dawnoftime.org Versions: = 1.69s beta4 (and 1.69r too) Platforms:*nix and Windows Bug: format string

[Full-disclosure] Multiple vulnerabilities in Dropteam 1.3.3

### Luigi Auriemma Application: Dropteam http://www.battlefront.com/products/dropteam/news.html Versions: = 1.3.3 Platforms:Windows, Linux and Mac Bugs: A] format

[Full-disclosure] Unexploitable buffer-overflow in America's Army 2.8.2 through PB

### Luigi Auriemma Application: America's Army and America's Army Special Forces http://www.americasarmy.com Versions: = 2.8.2 Platforms:Windows, Linux and Mac Bugs

[Full-disclosure] Format string in F.E.A.R. 1.08 through PB

### Luigi Auriemma Application: F.E.A.R. (First Encounter Assault Recon) http://www.whatisfear.com Versions: = 1.08 Platforms:Windows and Linux Bug: format string

[Full-disclosure] Format string in the Doom 3 engine through PB

### Luigi Auriemma Application: Doom 3 engine Games:Doom 3 (http://www.doom3.com)= 1.3.1 Quake 4(http://www.quake4game.com) = 1.4.2

[Full-disclosure] Two buffer-overflow in FSD V2.052 d9 and FSFDT V3.000 d9

### Luigi Auriemma Application: FSD http://www.mcdu.com/en/download.php Versions: = V2.052 d9 (original FSD) and V3.000 d9 (FSFDT FSD) Platforms:Windows and *nix Bugs

[Full-disclosure] Multiple vulnerabilities in the gMotor2 engine

advisory since I have NOT performed further and specific research except a new proof-of-concept) is available here: http://aluigi.org/adv/gmotor2-adv.txt --- Luigi Auriemma http://aluigi.org http://mirror.aluigi.org ___ Full-Disclosure - We believe

[Full-disclosure] Format string and clients disconnection in Alien Arena 2007 6.10

### Luigi Auriemma Application: Alien Arena 2007 http://red.planetarena.org Versions: = 6.10 and current SVN Platforms:Windows and Linux Bugs: A] in-game format string

[Full-disclosure] Multiple vulnerabilities in Doomsday 1.9.0-beta5.1

### Luigi Auriemma Application: Doomsday http://www.doomsdayhq.com http://www.dengine.net http://sourceforge.net/projects/deng/ Versions: = 1.9.0

[Full-disclosure] Heap overflow in Skulltag 0.97d-beta4.1

### Luigi Auriemma Application: Skulltag http://www.skulltag.com Versions: = 0.97d-beta4.1 Platforms:Windows and Linux Bug: heap-overflow Exploitation: remote, versus

[Full-disclosure] Buffer-overflow in the Asura engine

### Luigi Auriemma Application: Asura engine (network SDK) http://www.rebellion.co.uk Games:Rogue Trooper = 1.0 Prism: Guard

[Full-disclosure] Unexploitable buffer-overflow in the logging function of the Unreal engine

### Luigi Auriemma Application: Unreal engine http://www.unrealtechnology.com http://www.epicgames.com Versions: this engine is used in many games like Unreal

[Full-disclosure] Multiple vulnerabilities in rFactor 1.250

### Luigi Auriemma Application: rFactor http://www.rfactor.net Versions: = 1.250 Platforms:Windows Bugs: A] buffer-overflow B] Connection lost crash

[Full-disclosure] Multiple vulnerabilities in Toribash 2.71

### Luigi Auriemma Application: Toribash http://www.toribash.com Versions: = 2.71 Platforms:Windows, Mac and Linux Bugs: A] dedicated server format string

[Full-disclosure] Crash in Zoidcom 0.6.7

### Luigi Auriemma Application: Zoidcom http://www.zoidcom.com Versions: = 0.6.7 (some older version could be not vulnerable) Platforms:Windows, Linux and Mac Bug

[Full-disclosure] Multiple vulnerabilities in Babo Violent 2 2.08.00

### Luigi Auriemma Application: Babo Violent 2 http://www.rndlabs.ca http://baboviolent.net Versions: = 2.08.00 Platforms:Windows and Linux Bugs

[Full-disclosure] Multiple vulnerabilities in Live for Speed 0.5X10

### Luigi Auriemma Application: Live for Speed http://www.lfs.net Versions: = 0.5X10 Platforms:Windows Bugs: A] nickname buffer-overflow B] partial track

[Full-disclosure] Buffer-overflow in Conquest client 8.2a (svn 691)

### Luigi Auriemma Application: Conquest http://www.radscan.com/conquest.html Versions: = 8.2a (svn 691) Platforms:*nix and Windows Bugs: A] buffer-overflow

[Full-disclosure] Limited format string in Netrek 2.12.0

### Luigi Auriemma Application: Netrek http://www.netrek.org Versions: = 2.12.0 (Vanilla server) Platforms:*nix and Windows Bug: format string Exploitation: remote

[Full-disclosure] Players disconnection in Simbin racing games

### Luigi Auriemma Applications: games developed by SimBin Development Team http://www.simbin.se Versions: GTR - FIA GT Racing Game = 1.5.0.0

[Full-disclosure] Multiple buffer-overflows in libmusicbrainz 2.1.2

### Luigi Auriemma Application: libmusicbrainz http://musicbrainz.org/doc/libmusicbrainz Versions: = 2.1.2 and = SVN 8406 (current SVN) Platforms:Windows, *nix, *BSD, Mac

[Full-disclosure] Multiple buffer-overflows in AlsaPlayer 0.99.76

### Luigi Auriemma Application: AlsaPlayer http://www.alsaplayer.org Versions: = 0.99.76 and current CVS Platforms:*nix and others Bugs: A] buffer-overflow

[Full-disclosure] Stack and heap overflows in MODPlug Tracker/OpenMPT 1.17.02.43 and libmodplug 0.8

### Luigi Auriemma Application: OpenMPT (aka MODPlug Tracker) http://modplug.sourceforge.net http://www.modplug.com libmodplug http

[Full-disclosure] Multiple vulnerabilities in DConnect Daemon 0.7.0 (CVS 30 Jul 2006)

### Luigi Auriemma Application: DConnect Daemon http://www.dc.ds.pg.gda.pl Versions: = 0.7.0 and CVS = 30 Jul 2006 Platforms:Windows, *nix, *BSD and others Bugs

[Full-disclosure] Multiple vulnerabilities in Open Cubic Player 2.6.0pre6 / 0.1.10_rc5

### Luigi Auriemma Application: Open Cubic Player http://www.cubic.org/player/ http://stian.lunafish.org/coding-ocp.php Versions: DOS/Windows = 2.6.0pre6

[Full-disclosure] Heap overflow in the GT2 loader of libmikmod 3.2.2

### Luigi Auriemma Application: libmikmod http://mikmod.raphnet.net http://sourceforge.net/projects/mikmod/ Versions: = 3.2.2 and current CVS versions

[Full-disclosure] Buffer-overflow in the XM loader of Cheese Tracker 0.9.9

### Luigi Auriemma Application: Cheese Tracker http://reduz.com.ar/cheesetracker/ http://sourceforge.net/projects/cheesetronic Versions: = 0.9.9 and current CVS

[Full-disclosure] Buffer-overflow in recvTextMessage and NETrecvFile in Warzone Resurrection 2.0.3 (SVN 127)

### Luigi Auriemma Application: Warzone Resurrection http://home.gna.org/warzone/ (Warzone 2100 http://www.strategyplanet.com/warzone2100/) Versions: = 2.0.3 and SVN

[Full-disclosure] Two crash vulnerabilities in Freeciv 2.1.0-beta1 (SVN 15 Jul 2006)

### Luigi Auriemma Application: Freeciv http://www.freeciv.org Versions: = 2.1.0-beta1 and SVN = 15 Jul 2006 Platforms:Windows, *nix, *BSD, MacOS and more Bugs

[Full-disclosure] Multiple vulnerabilities in UFO2000 svn 1057

### Luigi Auriemma Application: UFO2000 http://ufo2000.sourceforge.net Versions: = SVN 1057 Platforms:Windows, *nix, *BSD, Mac and more Bugs: A] buffer-overflow

[Full-disclosure] Format string bug in Sparklet 0.9.4try3

### Luigi Auriemma Application: Sparklet http://sparklet.sourceforge.net Versions: = 0.9.4try3 Platforms:Windows, *nix, *BSD and more Bug: format string in client's

[Full-disclosure] Possible code execution in Kaillera 0.86

### Luigi Auriemma Application: Kaillera http://www.kaillera.com Versions: = 0.86 Platforms:Windows, Linux and FreeBSD Bug: buffer-overflow Exploitation: remote

[Full-disclosure] Various heap and stack overflow bugs in AdPlug library 2.0 (CVS 04 Jul 2006)

### Luigi Auriemma Application: AdPlug http://adplug.sourceforge.net Versions: = 2.0 and CVS = 04 Jul 2006 Platforms:Windows, DOS, *nix, *BSD and more Bugs: A] heap

[Full-disclosure] Re: Files and cvars overwriting in Quake 3 engine (1.32c / rev 803 / ...)

during the same server session and don't know why). BYEZ --- Luigi Auriemma http://aluigi.org http://mirror.aluigi.org ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia

[Full-disclosure] Files and cvars overwriting in Quake 3 engine (1.32c / rev 803 / ...)

### Luigi Auriemma Application: Quake 3 engine http://www.idsoftware.com http://www.icculus.org/quake3/ Versions: Quake 3 = 1.32c

[Full-disclosure] Client buffer-overflow in Quake 3 engine (1.32c / rev 795)

### Luigi Auriemma Application: Quake 3 engine http://www.idsoftware.com http://www.icculus.org/quake3/ Versions: Quake 3 = 1.32c

[Full-disclosure] Two heap overflow in libextractor 0.5.13 (rev 2832)

### Luigi Auriemma Application: libextractor http://gnunet.org/libextractor/ Versions: = 0.5.13 (rev 2832) Platforms:*nix, *BSD, Windows and more Bugs: A] heap

[Full-disclosure] Multiple vulnerabilities in Raydium rev 309

### Luigi Auriemma Application: Raydium http://raydium.org Versions: = SVN revision 309 (newer versions can be vulnerable to some of the bugs which

[Full-disclosure] Buffer-overflow and NULL pointer crash in Genecys 0.2

### Luigi Auriemma Application: Genecys http://www.genecys.org Versions: = 0.2 and current CVS Platforms:*nix and *BSD Bugs: A] tell_player_surr_changes buffer

[Full-disclosure] Server crash in Empire 4.3.2

### Luigi Auriemma Application: Empire http://www.wolfpackempire.com http://sourceforge.net/projects/empserver Versions: = 4.3.2 Platforms:Windows, *nix, *BSD

[Full-disclosure] Multiple vulnerabilities in Outgun 1.0.3 bot 2

### Luigi Auriemma Application: Outgun http://koti.mbnet.fi/outgun/ Versions: = 1.0.3 bot 2 Platforms:Windows, *nix, *BSD and more Bugs: A] data_file_request buffer

[Full-disclosure] Socket unreachable in GNUnet rev 2780

### Luigi Auriemma Application: GNUnet http://www.gnunet.org Versions: = 0.7.0d and revision 2780 Platforms:Windows, *nix, *BSD, Mac and more Bug: UDP socket

[Full-disclosure] Denial of service bugs in OpenTTD 0.4.7

### Luigi Auriemma Application: OpenTTD http://www.openttd.org Versions: = 0.4.7 Platforms:Windows, *nix, *BSD, Mac and others Bugs: A] program termination through big

[Full-disclosure] Re: Buffer-overflow in [EMAIL PROTECTED] 1.0.1 viewer and server

-in webserver used for allowing the clients to download the Java viewer. The service runs on port 5800 and is enabled by default. BYEZ --- Luigi Auriemma http://aluigi.altervista.org ___ Full-Disclosure - We believe in it. Charter: http

[Full-disclosure] Buffer-overflow in [EMAIL PROTECTED] 1.0.1 viewer and server

### Luigi Auriemma Application: [EMAIL PROTECTED] http://www.ultravnc.com http://ultravnc.sourceforge.net Versions: = 1.0.1 (and current CVS

[Full-disclosure] Format string in Doomsday 1.8.6

### Luigi Auriemma Application: Doomsday engine http://www.doomsdayhq.com http://deng.sourceforge.net Versions: = 1.8.6 (and current SVN 1.9.0) Platforms:Windows

[Full-disclosure] Buffer-overflow and in-game crash in Zdaemon 1.08.01

### Luigi Auriemma Application: Zdaemon http://www.zdaemon.org (and also X-Doom http://www.doom2.net/~xdoom/) Versions: = 1.08.01 Platforms:Windows and Linux

[Full-disclosure] Multiple vulnerabilities in ENet library (Jul 2005)

### Luigi Auriemma Application: ENet library http://enet.bespin.org Versions: = Jul 2005 (it's the current CVS version) Platforms:Windows, *nix, *BSD and more Bugs

[Full-disclosure] Multiple vulnerabilities in Alien Arena 2006 GE 5.00

### Luigi Auriemma Application: Alien Arena 2006 Gold Edition http://red.planetarena.org Versions: = 5.00 Platforms:Windows and Linux Bugs: A] safe_cprintf server

[Full-disclosure] Out of memory crash in Freeciv 2.0.7

### Luigi Auriemma Application: Freeciv http://www.freeciv.org Versions: = 2.0.7 Platforms:Windows, *nix, *BSD, MacOS and more Bug: bad memory allocation Exploitation

[Full-disclosure] Multiple vulnerabilities in Sauerbraten engine 2006_02_28

### Luigi Auriemma Application: Sauerbraten engine http://sauerbraten.org Versions: = 2006_02_28 and current CVS Platforms:Windows, *nix, *BSD and MacOS Bugs

[Full-disclosure] Multiple vulnerabilities in Liero Xtreme 0.62b

### Luigi Auriemma Application: Liero Xtreme http://lieroxtreme.thegaminguniverse.com Versions: = 0.62b Platforms:Windows Bugs: A] server crash/freeze B

[Full-disclosure] Multiple vulnerabilities in Cube engine 2005_08_29

### Luigi Auriemma Application: Cube engine http://www.cubeengine.com Versions: = 2005_08_29 Platforms:Windows, *nix, *BSD and MacOS Bugs: A] sgetstr() buffer-overflow

[Full-disclosure] Soldier of Fortune II format string through PunkBuster 1.180

### Luigi Auriemma Application: Soldier of Fortune II with PunkBuster enabled http://www.ravensoft.com/soldier2.html http://www.PunkBuster.com Versions: PB

[Full-disclosure] Buffer-overflow in GO-Global for Windows 3.1.0.3270

### Luigi Auriemma Application: GO-Global for Windows http://www.graphon.com/products/GO-GlobalforWindows.shtml Versions: = 3.1.0.3270 Platforms:Server: Windows

[Full-disclosure] Buffer-overflow in Glider collect'n kill 1.0.0.0

### Luigi Auriemma Application: Glider collect'n kill http://www.glider-game.com Versions: 1.0.0.0 Platforms:Windows Bug: buffer-overflow Exploitation: remote, versus

[Full-disclosure] Limited directory traversal in NeroNET 1.2.0.2

### Luigi Auriemma Application: NeroNET http://www.nero.com Versions: = 1.2.0.2 Platforms:Windows Bug: limited directory traversal Exploitation: remote Date

[Full-disclosure] Buffer-overflow and directory traversal in Asus Video Security 3.5.0.0

### Luigi Auriemma Application: Asus Video Security http://www.asus.com/products1.aspx?l1=2share=icon/12 Versions: = 3.5.0.0 (the version number is chaotic, this one

[Full-disclosure] Buffer-overflow and crash in FlatFrag 0.3

### Luigi Auriemma Application: FlatFrag http://www.tzi.de/~jfk/projects/flatfrag/ Versions: = 0.3 Platforms:Windows, Linux and more Bugs: A] buffer-overflow

[Full-disclosure] Socket termination in Battle Carry .005

### Luigi Auriemma Application: Battle Carry http://www.battlecarry.com Versions: = .005 Platforms:Windows Bug: socket termination Exploitation: remote, versus server

[Full-disclosure] F.E.A.R. 1.01 likes lithsock

in the retail game released in October but also in the 1.01 patch released just 4 days ago. The original advisory and proof-of-concept I released in the far December 2004 are available here: http://aluigi.altervista.org/adv/lithsock-adv.txt http://aluigi.altervista.org/poc/lithsock.zip --- Luigi

[Full-disclosure] Buffer-overflow and directory traversal bugs in Virtools Web Player 3.0.0.100

### Luigi Auriemma Application: Virtools Web Player and probably also other applications which can read the Virtools files but I can't test http://www.virtools.com

[Full-disclosure] Server crash and motd deletion in MultiTheftAuto 0.5 patch 1

### Luigi Auriemma Application: MultiTheftAuto http://www.multitheftauto.com Versions: = 0.5 patch 1 Platforms:Windows, Linux, FreeBSD and OpenBSD Bugs: A] anyone can

[Full-disclosure] Multiple vulnerabilities in BFCommand Control for Battlefield 1942 and Vietnam

### Luigi Auriemma Application: BFCommand Control Server Manager http://www.bfcommandcontrol.org Versions: BFCC = 1.22_A BFVCC = 2.14_B BFVCCDaemon

[Full-disclosure] Buffer-overflow in Chris Moneymaker's World Poker Championship 1.0

### Luigi Auriemma Application: Chris Moneymaker's World Poker Championship http://moneymakergaming.com Versions: 1.0 Platforms:Windows Bug: buffer-overflow

[Full-disclosure] Endless loop in NetPanzer 0.8

### Luigi Auriemma Application: NetPanzer http://netpanzer.berlios.de Versions: = 0.8 Platforms:Windows, Linux and Mac Bugs: endless loop Exploitation: remote, versus

[Full-disclosure] Crash in Stronghold 2 1.2

### Luigi Auriemma Application: Stronghold 2 http://www.stronghold2.com Versions: = 1.2 Platforms:Windows Bug: exception/crash Exploitation: remote, versus server

[Full-disclosure] Buffer-overflow in C'Nedra 0.4.0

### Luigi Auriemma Application: C'Nedra http://www.cnedra.org Versions: = 0.4.0 Platforms:Windows and Unix Bug: buffer-overflow in READ_TCP_STRING Exploitation

[Full-disclosure] Endless loop in Halo 1.06

### Luigi Auriemma Application: Halo: Combat Evolved http://www.microsoft.com/games/pc/halo.aspx Versions: = 1.06 and Custom Edition 1.00 Platforms:Windows Bug

[Full-disclosure] Format string and crash in Warrior Kings 1.3 and Battles 1.23

### Luigi Auriemma Application: Warrior Kings: Battles http://www.warriorkingsbattles.com Warrior Kings http://www.empireinteractive.com/games

[Full-disclosure] Crash in Zoidcom 1.0 beta 4

### Luigi Auriemma Application: Zoidcom http://www.zoidcom.com Versions: = 1.0 beta 4 Platforms:Windows and Linux Bug: access to unallocated memory Exploitation

[Full-disclosure] Gamespy cd-key validation system: Cd-key in use DoS versus many games

### Luigi Auriemma Application: Gamespy cd-key validation system http://www.gamespy.net Games:The amount of games that use this system is really huge, a small

[Full-disclosure] Gamespy cd-key validation system: Cd-key never in use

### Luigi Auriemma Application: Gamespy cd-key validation system http://www.gamespy.net Games:The amount of games that use this system is really huge, a small

[Full-disclosure] Clients format string and server crash in Mtp-Target 1.2.2

### Luigi Auriemma Application: Mtp-Target http://www.mtp-target.org Versions: = 1.2.2 Platforms:Windows and Linux Bugs: A] clients format string B

[Full-disclosure] Multiple vulnerabilities in Yager 5.24

### Luigi Auriemma Application: Yager http://www.yager-game.de Versions: = 5.24 Platforms:Windows Bugs: A] nickname buffer-overflow B] data block buffer

[Full-disclosure] In-game players kicking in the Quake 3 engine

### Luigi Auriemma Application: Quake 3 engine http://www.idsoftware.com Vulnerables: - Call of Duty = 1.5 - Call of Duty: United

[Full-disclosure] In-game server crash in Call of Duty 1.5b and United Offensive 1.51b

### Luigi Auriemma Applications: Call of Duty = 1.5b Call of Duty: United Offensive = 1.51b http://www.callofduty.com Platforms:Windows only

<    1   2