Originally Published: Friday, 10 December 1999 Author: Quentin Cregan
Published to: news_enhance_security/Security News Page: 1/1 - [Printable]

Xshipwars remote overflow for versions <=1.24

It appears the server trusts the client not to be silly: "Xshipwars is a server/client combination that allows you to play a little game with good sounds and graphics over tcp/ip on linux or windows... If you replace this function in netsend.c with the stuff at the bottom of this file, log into your (or another) server and type "e" and then hit enter in the dialog box, it will crash, possibly running the shellcode, which currently calls /tmp/xx. Shellcode could be created that does something more interesting, but this is just a demo exploit."