World in Conflict GetMagicNumberString函数远程拒绝服务漏洞

BUGTRAQ ID: 25985 World in Conflict是Massive娱乐公司开发的一款RTS即时战略游戏。 World in Conflict处理畸形请求数据时存在漏洞，远程攻击者可能利用此漏洞导致服务器程序崩溃。 World in Conflict游戏服务器的GetMagicNumberString函数在VOIP端口52999上获得从客户端接受到数据的第三个字节，如果这个值有效的话就返回文本字符串，如果无效的话返回NULL，然后该函数的返回的字符串会与另一个字符串做比较，这里会出现空指针访问，导致服务器崩溃。 Massive Entertainment World i...

NULL pointer crash in World in Conflict 1.000

Luigi Auriemma Application: World in Conflict http://www.worldinconflict.com Versions: = 1.000 Platforms: Windows Bug: access to NULL pointer Exploitation: remote, versus server Date: 09 Oct 2007 Author: Luigi Auriemma e-mail: [email protected] web: aluigi.org 1 Introduction 2 Bug 3 The Code 4...

CVE-2007-5369

The CVE concerns Massive Entertainment’s World in Conflict (version 1.000 and earlier). The vulnerability stems from the GetMagicNumberString function, where processing a crafted string sent to the VoIP port 52999/tcp can trigger a NULL dereference and cause a daemon crash, resulting in a denial ...