<!DOCTYPE HTML PUBLIC "html.dtd">
<HTML>
<HEAD>
<TITLE> ATTRITION Advisory Archive</TITLE>
</HEAD>
<BODY BGCOLOR="#000000" VLINK="#C0C0C0" TEXT="#FFFFFF" LINK="#FF0000" ALINK="#FF0000">
<PRE>

r00t advisory [ Madden 97, Madden 64 ] [ Nov 25 1997 ] 

-- Platform:  Sony Playstation
    Nintendo 64

-- Program:  Madden '97 (John Madden Football)

-- Info:  Sony and Nintendo have been notified of this vulnerability,
    but do not see this problem as being a security risk.  
    Perhaps they have not seen the sort of people that play
    these games for hours on end.

-- Synopsis:  A vulnerability exists in Madden 64 that allows local users
    to lock up the system, thus rendering the system unusable
    and forcing the administrator to reboot the machine.

-- Exploit:  This problem is very hard to exploit and r00t presumes
    that the majority of the security community does not 
    widely understand the vulnerability.  We don't expect the
    average BUGTRAQ reader to understand this vulnerability
    since there is no exploit script.

    When an offensive player (with the ball) is running down
    the field, he has the option to pitch the ball backwards
    to a player in order to block a persuing defensive player
    and allow for a gain in yardage.  If the player that
    receives the pitch is standing out of bounds, the system
    crashes.

-- Fixes:   To follow r00t's workaround tradition, we recommend that 
    you downgrade to Madden 96.

r00t -- we're on the move
http://www.r00t.org 

</PRE>
</BODY>
</HTML>