Luigi Auriemma

aluigi.org (ARCHIVE-ONLY FORUM!)
It is currently 19 Jul 2012 11:59

All times are UTC [ DST ]





Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 14 posts ] 
Author Message
 Post subject: NULL pointer in Ventrilo 3.0.2
Posted: 13 Aug 2008 11:53

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
advisory:
http://aluigi.org/adv/ventrilobotomy-adv.txt

universal fix
http://aluigi.org/patches/ventrilobotomyfix.zip

well done Sheepa 8-)


 
 
 Post subject:
Posted: 13 Aug 2008 13:44

Joined: 09 Apr 2008 08:06
Posts: 66
Location: USA
fucking right man i love u 2. fucking brilliant i must say u guys never seem to let me down with ventrilo lol. this is sorta like the ventboom from the old previous ventrilo versions right? Only thing i wish now is a possible way getting around the wrong rcon pw kicker lol.


 
 Post subject:
Posted: 14 Aug 2008 04:28

Joined: 16 Aug 2007 06:25
Posts: 367
Well done sheepa and luigi. Tested it, and it works on my server. I had to force stop/start it before it became active again. Hopefully an official fix is released soon.


 
 Post subject:
Posted: 16 Aug 2008 19:01

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
about the "official" fix, I have noticed something very, very strange on Ventrilo's forum.
Just out of curiosity, in the last days I have sometimes browsed the Ventrilo forum to see if they talk about a possible fix or about the vulnerability (the problem is in their software so they should talk about it), and the only things I have seen are posts which exist in the main page but don't exist in the section.

For example if you go here in this moment:

http://www.ventrilo.com/forums/forumdisplay.php?f=1

you will see that the latest post is a certain "Server patch soon?" which I imagine (since I have not read it, although it was posted 40 minutes ago) is about the new vulnerability, but it no longer exists!

http://www.ventrilo.com/forums/forumdisplay.php?f=8

and this is not the first time; in fact the same is happening for all the new threads which are linked in the main menu but no longer exist in the Server section of the forum, including one that luckily I was able to see before it was deleted (I thought that the same author deleted it, while now I know that I was wrong)

So the Ventrilo developers are deleting any reference to the problem... big shame on Flagship.
shame, shame and shame again.


 
 Post subject:
Posted: 16 Aug 2008 20:35

Joined: 16 Aug 2007 06:25
Posts: 367
Luigi, I have been watching their forums too, and I have noticed the exact same thing. In the "Last Post" you can sometimes see a reference to "server crasher bug" or "vulnerability", but when you click on the post the thread doesn't exist.

Their moderators are purposely removing the posts in an attempt to keep the issue quiet, instead of just releasing a fix. Perhaps a fix is too much of a hassle for them. What will be a bigger hassle for them is when some malicious user writes a script that loops through a list of 100000 active servers he generated and shuts them all down.

Funny how sometimes they can release fixes a day after an issue goes public, and other times they wait. Maybe someone who pads their wallet needs to complain instead of us. Oh, and if you are reading this "Flagship" -- shame on you.


 
 Post subject:
Posted: 17 Aug 2008 05:40

Joined: 08 Jun 2008 07:17
Posts: 92
I love to make GUIs for his apps :]

I made one to loop thru it when it came out lol ... it just goes up a new port every 200ms



but as you probably know they aren't patching it :[



but some servers have become immune to it for some reason .. still don't know why but they said they never put the patch on the server


 
 Post subject:
Posted: 17 Aug 2008 10:44

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
the immunity of some servers is a side effect of my fix 8-)


 
 Post subject:
Posted: 19 Aug 2008 02:42

Joined: 19 Aug 2008 02:37
Posts: 3
almost server updated to ver 3.0.3, i don't know it's accepted to crash it again, i tried some version 3.0.3, it didn't work but works in mine ;(


 
 Post subject:
Posted: 19 Aug 2008 11:09

Joined: 09 Apr 2008 08:06
Posts: 66
Location: USA
3.0.3 fixes it lol i was wondering how long it would take to fix nice job finding exploit tho lmfao it was fun while it lasted :P.


 
 Post subject:
Posted: 19 Aug 2008 12:42

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
There is no 3.0.3 version on the Ventrilo website, where have you heard about this version?

Flagship sent a private 2.3.1 patch to their paid customers in the past when I released the ventboom advisory, so probably they are doing the same on this occasion too


 
 Post subject:
Posted: 19 Aug 2008 15:51

Joined: 19 Aug 2008 02:37
Posts: 3
i don't know but i checked some in ventrilo status and they showed version 3.0.3 :)


 
 Post subject:
Posted: 19 Aug 2008 15:54

Joined: 19 Aug 2008 02:37
Posts: 3
example:

ventrilo9.va.powervs.com 5139

It's Version 3.0.3

Name MSFC
Phonetic The Mighty Sad Funpoo Chicken
Comment Rule 1: Be Mature
Auth 0
Max Clients 24
Voice Codec GSM 6.10
Voice Format 11 KHz, 16 bit
Uptime 77633 (0 days and 21:33:53)
Platform WIN32
Version 3.0.3
Channel Count 20
Client Count 8


 
 Post subject:
Posted: 21 Aug 2008 01:39

Joined: 21 Aug 2008 00:55
Posts: 1
luigi, you stay true to what you said in your about page. it takes a person with an above average intelligence to code the exploits but a far more intelligent person to also fix what allowed it in the first place! i think by definition you are a true engineer. keep up the good work, luigi.


 
 Post subject:
Posted: 21 Aug 2008 10:29

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
in the case of this ventrilo's vulnerability there was also a lot of luck because it's not so frequent that the way for fixing or work-arounding a bug is so simple and portable on other platforms too 8-)


 