Advisory Name: "Starsiege: Tribes" DoS Release Date: 07/14/2003 Discovered: 06/09/2003 Application: Tribes.exe Platform: PC with Windows 2k; others not tested Severity: High Discovery: JadaCyruS <[EMAIL PROTECTED]> Author: st0ic <[EMAIL PROTECTED]> Vendor: Sierra Entertainment - http://www.sierra.com/
Overview:
Sierra's "StarSiege: Tribes" game is vulnerable to a DoS (Denial of
Service) attack when running.
Technical Overview:
This vulnerability is exploited by sending a malformed UDP
(User-Datagram
Protocol) packet containing 255 arbitrary characters to the affected host on
the
game port (usually 28001) causing the host server to crash. If The server is
running with help from InfiniteSpawn.exe, a program provided by the vendor
that
re-spawns the server when terminated, the server will be re-activated, but
all
previous game play and players are lost and disconnected.
Fix:
Contacted Sierra over a month ago and we were "forwarded to their
database
admin" from which we received no further feedback. So, no vendor fix
available.
Exploit:
Attached PHP and C source code files.
Notes:
Tribes 2 (PC) and Tribes Aerial Assault (Playstation 2) are untested as
no
one at Fsix owns a copy of them. Lets hope there not vuln.
-st0ic
[http://www.fsix.net/]
byebye_tribes.zip
Description: Zip compressed data
byebye_tribes.phps
Description: Binary data
