Armagetron Advanced released

Version of the multiplayer lightcycle game Armagetron Advanced has been released, fixing several vulnerabilities.

The most important vulnerability let modified clients send servers into infinite loops by exploiting a bug in handling the very, very old cycle turn command protocol.

The second vulnerability allowed anyone with enough access rights to execute "/admin include" to gain owner rights on a server and take it over for as long as it kept running.

The third problem are bugs in handling too large and/or forged network packages; they may result in reads from unallocated memory and thus server crashes.

Also, the source has been adapted to compile and run with gcc 4.6; previous versions would only compile with -fpermissive and authentication requests would get stuck in infinite loops in background threads.

On top of those fixes, a couple of minor bugs were eliminated: spelling fixes, for the most part.

Posted by Manuel Moos 2011-09-11

Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

JavaScript is required for this form.

No, thanks