Info

Disclosure

May 12, 2006

Discovery

Unknown

Dates

Exploit

May 12, 2006

Solution

Unknown

Description

Outgun contains a flaw that may allow a remote denial of service. The issue is triggered when overly large packets with more than 512 bytes of data is received, and will result in loss of availability for the game.

Classification

Location: Remote / Network Access
Attack Type: Denial of Service, Input Manipulation
Impact: Loss of Integrity, Loss of Availability
Exploit: Exploit Public

Solution

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Products

Niko Ritari

Outgun

1.0.3 bot 2

References

Milw0rm: 1781
Exploit Database: 1781
Bugtraq ID: 17985
CVE ID: 2006-2400 (see also: NVD) 2006-2401 (see also: NVD)
Secunia Advisory ID: 20098
Related OSVDB ID: 25487 25489 25490
ISS X-Force ID: 26512
VUPEN Advisory: ADV-2006-1796
Other Advisory URL: http://aluigi.altervista.org/adv/outgunx-adv.txt
Generic Exploit URL: http://aluigi.org/poc/outgunx.zip
Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0334.html
Vendor URL: http://koti.mbnet.fi/outgun/

Credit

Luigi Auriemma - aluigialtervista.org - http://aluigi.altervista.org

Direct URL: http://osvdb.org/25488