lfnetwork.com mark read register faq members calendar

Thread: New way to crash a server
Thread Tools Display Modes
Post a new thread. Add a reply to this thread. Indicate all threads in this forum as read. Subscribe to this forum. RSS feed: this forum RSS feed: all forums
Old 10-16-2006, 02:30 AM   #1
jedi-Guard
Rookie
 
Join Date: Sep 2005
Posts: 207
New way to crash a server

Hello fellows of the jedi.
I need help as allways, there is a new way to crash a server and i have no idea how to fix it.
The link where the fix should be, doesnt work.
If you try the link with the q3infoboom.zip, it works, it has couple of files which looks very weird, i heard it should be the client file to attack the server, but am paranoid, i never double click on something that i dont know for sure what it is.

the q3fix.zip doesnt work

Read Below

################################################## #####################

Luigi Auriemma

Application: Quake 3 engine
http://www.idsoftware.com
Games: - Call of Duty <= 1.5b
- Call of Duty: United Offensive <= 1.51b
- Heavy Metal: F.A.K.K.2 <= 1.02
- Quake III Arena <= 1.32c
- Return to Castle Wolfenstein <= 1.41b
- Soldier of Fortune II: Double Helix <= 1.03
- Star Trek Voyager: Elite Force <= 1.20
- Star Trek: Elite Force II <= 1.10
- Star Wars Jedi Knight II: Jedi Outcast <= 1.04
- Star Wars Jedi Knight: Jedi Academy <= 1.011
- Wolfenstein: Enemy Territory <= 1.02 / 2.56
...possibly others
Platforms: Windows, Linux and Mac
Bug: crash or shutdown caused by incorrect handling of big
queries
Exploitation: remote, versus server
Date: 12 Feb 2005
Author: Luigi Auriemma
e-mail: aluigi@autistici.org
web: aluigi.org


################################################## #####################


1) Introduction
2) Bug
3) The Code
4) Fix


################################################## #####################

===============
1) Introduction
===============


The Quake 3 engine is the well known game engine developed by ID
Software (http://www.idsoftware.com) and is used by many games.

Some months ago I reported similar problems in three games based on
this engine: Medal of Honor, Call of Duty and Soldier of Fortune II.
Except for Medal of Honor that is affected by a specific buffer
overflow, the other two games can be "probably" included in this
advisory too but I'm not totally sure.


################################################## #####################

======
2) Bug
======


The Quake 3 engine has problems to handle big queries allowing an
attacker to shutdown any game server based on this engine:

ERROR: Info_SetValueForKey: oversize infostring

In some of the vulnerable games is also possible to crash the server.


################################################## #####################

===========
3) The Code
===========


http://aluigi.org/poc/q3infoboom.zip

A simple scanner for testing any game based on the Quake 3 engine.


################################################## #####################

======
4) Fix
======


Only the two Linux versions Call of Duty games have been fixed with the
1.5b and 1.51b patches, while all the others are still vulnerable
(included the Windows version of Call of Duty!).

I have released an universal patcher that limits the amount of handled
data in the queries from 1023 to 512 solving the problem in any game:

http://aluigi.org/patches/q3infofix.zip


################################################## #####################
jedi-Guard is offline   you may: quote & reply,
Post a new thread. Add a reply to this thread. Indicate all threads in this forum as read. Subscribe to this forum. RSS feed: this forum RSS feed: all forums
Go Back   LucasForums > Network > JediKnight Series > Help Center > Dedicated Server > New way to crash a server

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -4. The time now is 04:32 PM.

LFNetwork, LLC ©2002-2011 - All rights reserved.
Powered by vBulletin®
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.