[VSA0305] HLTV remote DoS

2003-01-11T00:00:00
ID SECURITYVULNS:DOC:3968
Type securityvulns
Reporter Securityvulns
Modified 2003-01-11T00:00:00

Description

[void.at Security Advisory VSA0305]

HLTV offers the ability to have thousands of spectators watch online games on Half-Life servers.

Overview

By sending a specially crafted packet to the hltv-server, an attacker can cause the server to crash.

Affected Versions

The one that comes with hlds 3.1.1.0; possibly others.

Impact

Medium. The remote server simply crashes.

Details

Packets querying things like player status etc. always start with \xff\xff\xff\xff, followed by a query command, and are terminated by a \0.

When you simply send \xff\xff\xff\xff\0 to the server, it crashes.
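
A bounds-checked parse of the framing described above, as an added example (not code from the advisory or from HLTV): it validates length, header and terminator inside the datagram and rejects the empty-command packet before any command dispatch. The function name and status codes are hypothetical, and the advisory does not state the root cause of the crash, so this shows input validation only.

```c
#include <stddef.h>
#include <string.h>

/* Result codes (hypothetical names, for this example only). */
enum query_status {
    QUERY_OK = 0,
    QUERY_TOO_SHORT,     /* fewer than 4 header bytes + 1 more byte */
    QUERY_BAD_HEADER,    /* does not start with ff ff ff ff */
    QUERY_UNTERMINATED,  /* no \0 inside the datagram */
    QUERY_EMPTY_COMMAND  /* header immediately followed by \0 */
};

#define QUERY_HEADER_LEN 4

/*
 * Validate one UDP datagram against the framing in the advisory:
 * \xff\xff\xff\xff, a query command, a terminating \0.
 * On QUERY_OK, *cmd points at the command inside buf and *cmd_len
 * is its length without the terminator. Never reads past buf[len-1].
 */
enum query_status parse_query(const unsigned char *buf, size_t len,
                              const char **cmd, size_t *cmd_len)
{
    static const unsigned char header[QUERY_HEADER_LEN] =
        {0xff, 0xff, 0xff, 0xff};
    const unsigned char *body, *nul;

    if (buf == NULL || len < QUERY_HEADER_LEN + 1)
        return QUERY_TOO_SHORT;
    if (memcmp(buf, header, QUERY_HEADER_LEN) != 0)
        return QUERY_BAD_HEADER;

    body = buf + QUERY_HEADER_LEN;
    /* Bounded search: the terminator must lie inside the datagram. */
    nul = memchr(body, '\0', len - QUERY_HEADER_LEN);
    if (nul == NULL)
        return QUERY_UNTERMINATED;
    if (nul == body)
        return QUERY_EMPTY_COMMAND;  /* the packet from the advisory */

    *cmd = (const char *)body;
    *cmd_len = (size_t)(nul - body);
    return QUERY_OK;
}
```

A server or filtering proxy would drop and log any datagram for which this returns something other than QUERY_OK.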

Solution

Vendor patch needed!

Exploit

Come on :-)

Discovered by

greuff <greuff@void.at>

Credits

void.at, everyone who was at 19c3