Secunia Security Advisory - Luigi Auriemma has reported a vulnerability in GameSpy SDK CD-Key Validation Toolkit, which can be exploited by malicious people to prevent users from accessing game servers.
TITLE:
GameSpy CD-Key Validation Toolkit Key Denial of Service
SECUNIA ADVISORY ID:
SA15254
VERIFY ADVISORY:
http://secunia.com/advisories/15254/
CRITICAL:
Less critical
IMPACT:
Security Bypass, DoS
WHERE:
From remote
SOFTWARE:
GameSpy SDK CD-Key Validation Toolkit
http://secunia.com/product/4374/
DESCRIPTION:
Luigi Auriemma has reported a vulnerability in GameSpy SDK CD-Key
Validation Toolkit, which can be exploited by malicious people to
prevent users from accessing game servers.
The vulnerability is caused by a design error and can be exploited
by a malicious game server either by not informing a GameSpy master
server when a user leaves, or by replaying certain CD-key validation
packets to a GameSpy master server. Both attack vectors cause a
particular CD-key to be marked as being in use.
Successful exploitation prevents players with valid CD-keys from
playing online, but requires that a user has connected to a malicious
game server.
A design error in the GameSpy CD-Key validation process has also been
reported. This can be exploited by malicious people to bypass the
CD-Key validation process and play with a CD-Key already in use.
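For the first issue above (a key left marked as in use), the following is an added example, not code from Secunia, Luigi Auriemma or GameSpy, and not GameSpy's protocol. It models the "in use" mark as a lease that lapses unless the key owner answers a fresh single-use challenge, so a missing leave notice or a replayed validation packet cannot hold the key. The class, function names, key secret and the 90-second window are assumptions.

```python
import hashlib
import hmac
import os

LEASE_SECONDS = 90  # assumed renewal window, not a GameSpy value

class KeyRegistry:
    """Hypothetical master-server model of the 'CD-key in use' state."""
    def __init__(self, key_secrets, clock):
        self.key_secrets = key_secrets  # key id -> secret shared with the key owner
        self.clock = clock              # callable returning seconds
        self.pending = {}               # challenge -> key id it was issued for
        self.in_use = {}                # key id -> (session, lease expiry)

    def issue_challenge(self, key_id):
        challenge = os.urandom(16)
        self.pending[challenge] = key_id
        return challenge

    def validate(self, key_id, challenge, response, session):
        # Challenges are single-use, so a replayed validation packet fails here.
        if self.pending.pop(challenge, None) != key_id:
            return "replayed or unknown challenge"
        expected = answer(self.key_secrets[key_id], challenge)
        if not hmac.compare_digest(expected, response):
            return "bad response"
        holder = self.in_use.get(key_id)
        if holder and holder[0] != session and holder[1] > self.clock():
            return "key in use"
        # The mark is a lease: it lapses unless the key owner answers again.
        self.in_use[key_id] = (session, self.clock() + LEASE_SECONDS)
        return "accepted"

def answer(secret, challenge):  # client-side proof of key possession
    return hmac.new(secret, challenge, hashlib.sha256).digest()

def demo():
    now = [0.0]                              # constructed clock
    secret = b"constructed-key-secret"       # constructed sample value
    reg = KeyRegistry({"key-1": secret}, lambda: now[0])
    c1 = reg.issue_challenge("key-1")
    r1 = answer(secret, c1)
    results = [reg.validate("key-1", c1, r1, "server-A")]       # player joins A
    results.append(reg.validate("key-1", c1, r1, "server-A"))   # A replays packet
    c2 = reg.issue_challenge("key-1")
    results.append(reg.validate("key-1", c2, answer(secret, c2), "server-B"))
    now[0] += LEASE_SECONDS + 1              # A never reported the player leaving
    c3 = reg.issue_challenge("key-1")
    results.append(reg.validate("key-1", c3, answer(secret, c3), "server-B"))
    return results
```

In this model a game server that withholds the leave notice can block the key for at most one lease period after the player has gone.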
SOLUTION:
Connect to trusted game servers only.
The second design error will reportedly be fixed on the master
servers.
PROVIDED AND/OR DISCOVERED BY:
Luigi Auriemma
ORIGINAL ADVISORY:
http://aluigi.altervista.org/adv/gskeyinuse-adv.txt
http://aluigi.altervista.org/adv/gskeydisc-adv.txt
OTHER REFERENCES:
List of games using the In-Game GameSpy.net Toolkits and/or GameSpy
Arcade:
http://www.gamespy.net/partners/