Read the q3unban_proxocket.txt file inside the package. q3unban plugin for proxocket 0.1 (q3unban_proxocket).Universal patcher which gets the original client executable of a game based on the Quake 3 engine and generates a new modified one which converts the ' ' chars in the commands sent by the client to carriage-returns for testing a vulnerability which allows to execute server's game commands through a malformed callvote.ĭetails of the vulnerability are available here and here.Įxamples of malformed callvote commands to use from the console of the modified game executable: Quake 3 engine Cbuf_Execute commands execution universal proof-of-concept 0.1 (q3cbufexec).Notes: the server must have the "Accept KeepAlive sessions" option enabled (it's automatically activated if "Enable DirectIn Performance optimization" is selected), then note that the default tcp port seems to be 5938 and not 5939. Half-Life broadcast client's buffer-overflow (versions 1.1.1.0) (game) Problems with the MODs of Half-Life 1.1.1.0 (game) SpeakFreely for Win 7.6a remote crash through malformed GIF (no tag) Half-Life's client 1.1.1.0 format string (mail sent to vuln-dev) (game) Xitami 2.5c1 server crash and possible code execution through malformed SSI files (no tag) Remote crash of Half-Life servers and clients (versions before the 07 July 2004) (game) Infostring crash and shutdown in the Quake 3 engine (game)Ĭall of Duty, Quake III Arena, Return to Castle Wolfenstein, Soldier of Fortune II, Star Trek Voyager: Elite Force, Star Trek: Elite Force II, Star Wars Jedi Knight II: Jedi Outcast, Star Wars Jedi Knight: Jedi Academy, Wolfenstein: Enemy Territory. In-game players kicking in the Quake 3 engine (game)Ĭall of Duty, Quake III Arena, Return to Castle Wolfenstein, Soldier of Fortune II, Star Wars Jedi Knight II: Jedi Outcast, Star Wars Jedi Knight: Jedi Academy and Wolfenstein: Enemy Territory Multiple vulnerabilities in Live for Speed 0.5X10 (game)ĭetails about the hlfreeze/hl-headnut/csdos/"Born to be pig" bugs (game) ĭenial of Service in PunkBuster ( and ) (game)Ĭlients buffer-overflow in Live for Speed 0.5Y (game)įormat string and buffer-overflow in CellFactor Revolution 1.03 (game) Unreal Tournament 3, Unreal Tournament 20, Dead Man's Hand, Pariah, WarPath, Postal2, Shadow Ops. įormat string in the Source engine (build 3933) (game)ĭenial of Service in PunkBuster () (game)Īmerica's Army 2/3, Battlefield 2*, Call of Duty 1/2/4/5, Crysis, DOOM 3, Enemy Territory, ETQW, FEAR, Fuel of War, Need for Speed, Quake 3/4, RTCW, Soldier of Fortune II, Wolfenstein. Half-Life 2, Counter-Strike Source, (Valve has confirmed also OrangeBox, Team Fortress 2, Left 4 Dead). NULL pointer in the Source engine (build 3933) with SourceTV disabled (game) Half-Life 2, Counter-Strike Source, OrangeBox, Team Fortress 2, Left 4 Dead. Server restart in Live for Speed S2 Z13 (game)įiles uploading vulnerabilities in the Source engine (build 39) (game) Ĭlient array overflow in id Tech 4 engine (game) Negative memcpy in id Tech 4 engine (game)Įnemy Territory: Quake Wars, Wolfenstein.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |