Application: Tincat network library http://www.tincat.de Versions: Release 2 < 2.0.28 Release 1 should be not vulnerable Games: - Sacred <= 18.104.22.168 - The Settlers: Heritage of Kings <= 1.02 - other applications, a partial list in german is available at the following link but I cannot confirm if they are vulnerable: http://www.tincat.de/index.php?topic=5 Platforms: Windows, Linux and Sun Solaris Bug: buffer-overflow Exploitation: remote, versus server Date: 28 Mar 2005 Author: Luigi Auriemma e-mail: firstname.lastname@example.org web: http://aluigi.altervista.org
1) Introduction 2) Bug 3) The Code 4) Fix
=============== 1) Introduction ===============
Tincat is a network library for games and has been developed by the german guys of Instance Four (http://www.instancefour.com). It is used in some games like the recents and well known Sacred (http://www.sacred-game.com) and The Settlers: Heritage of Kings (http://www.thesettlers.com).
====== 2) Bug ======
The library is affected by a buffer-overflow in the function that logs the players entered in the server letting an attacker to execute malicious code on the victim system.
=========== 3) The Code ===========
====== 4) Fix ======
The library has been patched from build 28 (2.0.28).
Actually "The Settlers: Heritage of Kings" 1.03 is the only game that uses the new patched library.
Luigi Auriemma http://aluigi.altervista.org