|
 |
|
Dark Age of Camelot Weak Encryption Scheme
|
|
|
|
|
Secunia Advisory:
|
SA10429
|
|
|
Release Date:
|
2003-12-15
|
|
|
Critical:
|
Moderately critical
|
|
Impact:
|
Exposure of sensitive information
|
|
Where:
|
From remote
|
|
Solution Status:
|
Vendor Patch
|
|
| Software: | Dark Age of Camelot
|
|
|
Want to know the next time vulnerabilities are fixed in this product?
- Companies can be alerted via email and SMS! |
|
|
Description:
A weakness has been reported in Dark Age of Camelot, which may expose sensitive user information.
The problem is that Dark Age of Camelot has implemented an encryption scheme, which transmits enough information in clear text to allow malicious people, who can intercept traffic in transit, to decrypt any encrypted data. The encrypted data may include username, password, and credit card information.
A proof of concept exploit has been published, which can decrypt the data stream.
Reportedly only the North American version is affected as the European / Asian version communicate in a different way.
Solution:
Reportedly, version 1.66 live patch is not vulnerable.
Provided and/or discovered by:
Bryan Mayland
Todd Chapman
Original Advisory:
http://capnbry.net/daoc/daoc-billinginfo-exploit.html
|
|
|
|
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
|
|
|
Send Feedback to Secunia
|
|
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.
|
|
|
|
|
|
Secunia PSI
Scan | Patch | Track
Free Download
|
|
|
Secunia Poll
|
|
|
|
|
 |
|
|
Most Popular Advisories
|
|
|
|
|
|
