MidnightBSD

Advisories for gamespy

CVE-2003-0650 HIGH

Directory traversal vulnerability in GSAPAK.EXE for GameSpy Arcade, possibly versions before 1.3e, allows remote attackers to overwrite arbitrary files and execute arbitrary code via .. (dot dot) sequences in filenames in a .APK (Zip) file.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
gamespy arcade *
CVE-2003-0767 HIGH

Buffer overflow in RogerWilco graphical server 1.4.1.6 and earlier, dedicated server 0.32a and earlier for Windows, and 0.27 and earlier for Linux and BSD, allows remote attackers to cause a denial of service and execute arbitrary code via a client request with a large length value.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
gamespy roger_wilco_dedicated_server 0.29
gamespy roger_wilco_graphical_server 1.4.1.5
gamespy roger_wilco_graphical_server 1.4.1.2
gamespy roger_wilco_dedicated_server 0.27
gamespy roger_wilco_dedicated_server 0.26
gamespy roger_wilco_graphical_server 1.4.1.4
gamespy roger_wilco_graphical_server 1.4.1.3
gamespy roger_wilco_dedicated_server 0.28
gamespy roger_wilco_graphical_server 1.4.1.6
gamespy roger_wilco_dedicated_server 0.30a
gamespy roger_wilco_graphical_server 1.4.1.1
CVE-2004-2449 MEDIUM

Roger Wilco 1.4.1.6 and earlier or Roger Wilco Base Station 0.30a and earlier allows remote attackers to cause a denial of service (application crash) via a long, malformed UDP datagram.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
gamespy roger_wilco_dedicated_server 0.29
gamespy roger_wilco_graphical_server 1.4.1.5
gamespy roger_wilco_graphical_server 1.4.1.2
gamespy roger_wilco_dedicated_server 0.27
gamespy roger_wilco_dedicated_server 0.26
gamespy roger_wilco_graphical_server 1.4.1.4
gamespy roger_wilco_graphical_server 1.4.1.3
gamespy roger_wilco_dedicated_server 0.28
gamespy roger_wilco_graphical_server 1.4.1.6
gamespy roger_wilco_dedicated_server 0.30a
gamespy roger_wilco_graphical_server 1.4.1.1
CVE-2004-2450 MEDIUM

The client and server for Roger Wilco 1.4.1.6 and earlier or Roger Wilco Base Station 0.30a and earlier report sensitive information such as IDs and source IP addresses, which allows remote attackers to obtain sensitive information.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
gamespy roger_wilco_dedicated_server 0.29
gamespy roger_wilco_dedicated_server 0.27
gamespy roger_wilco_dedicated_server 0.28
gamespy roger_wilco_graphical_server 1.4.1.6
gamespy roger_wilco_graphical_server 1.4.1.5
gamespy roger_wilco_graphical_server 1.4.1.2
gamespy roger_wilco 1.4.1.6
gamespy roger_wilco_dedicated_server 0.26
gamespy roger_wilco_graphical_server 1.4.1.4
gamespy roger_wilco_graphical_server 1.4.1.3
gamespy roger_wilco 1.4.1.2
gamespy roger_wilco_dedicated_server 0.30a
gamespy roger_wilco_graphical_server 1.4.1.1
gamespy roger_wilco_mark 1d3
CVE-2005-1504 MEDIUM

GameSpy SDK CD-Key Validation Toolkit, as used by many online games, allows remote attackers to bypass the CD key validation by sending a spoofed \disc\ command, which tells the server the CD key is no longer in use.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
gamespy cd-key_validation_system *
CVE-2005-1556 MEDIUM

Gamespy cd-key validation system allows remote attackers to cause a denial of service (cd-key already in use) by capturing and replaying a cd-key authorization session.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
gamespy gamespy_sdk_cd-key_validation_toolkit *