Remote server crash in Haegemonia <= 1.07

Type securityvulns
Reporter Securityvulns
Modified 2004-02-26T00:00:00


                         Luigi Auriemma

Application: Haegemonia Versions: <= 1.07 Platforms: Windows Bug: reading of unallocated memory (crash) Risk: high Exploitation: remote, versus server Date: 24 Feb 2004 Author: Luigi Auriemma e-mail: web:

1) Introduction 2) Bug 3) The Code 4) Fix

=============== 1) Introduction ===============

Haegemonia is a strategic space combat game developed by Digital Reality ( released in the 2002. This game has excellent ambient musics but its network protocol seems a bit bugged...

====== 2) Bug ======

The bug is a classical reading of unallocated memory caused by the sending of a packet containing a chat message with a too big 32bit number identifying the length of the message.

=========== 3) The Code ===========

====== 4) Fix ======

No fix. Developers have not replied to my mails.

Luigi Auriemma