Roger Wilco allows audio access
| roger-wilco-audio-access (15819) |  Low Risk |
Description:
Roger Wilco and Roger Wilco Base Station could allow a remote attacker to send audio streams to clients without being logged in or connected to the server.
Platforms Affected:
- GameSpy, Roger Wilco Dedicated Server for Win32 0.30a and prior
- GameSpy, Roger Wilco Graphical Server 1.4.1.6 and prior
Remedy:
No remedy available as of July 4, 2009.
Consequences:
Other
References:
- BugTraq Mailing List, Mar 31 2004 - 14:11:46 CST , RogerWilco: new funny bugs at http://archives.neohapsis.com/archives/bugtraq/2004-03/0352.html.
- BID-10025: Roger Wilco Server Unauthorized Audio Stream Denial Of Service Vulnerability
- BID-10026: ADA IMGSVR Remote Directory Listing Vulnerability
- BID-10027: ADA IMGSVR Remote File Download Vulnerability
- BID-10028: OpenBSD ISAKMPD Zero Payload Length Denial Of Service Vulnerability
- BID-1003: FTPx FTP Explorer Weak Password Encryption Vulnerability
- BID-10033: HAHTsite Scenario Server Project File Name Buffer Overrun Vulnerability
- BID-10036: Macromedia Dreamweaver Remote User Database Access Vulnerability
- CVE-2004-2451: Roger Wilco 1.4.1.6 and earlier, or Roger Wilco Base Station 0.30a or earlier, allows remote attackers to send audio to arbitrary channels, aka the Voices from the deep bug.
- SA11270: Roger Wilco Multiple Vulnerabilities
Reported:
Apr 04, 2004
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net