maybe this deserves an advisory but for the moment I post it here.
if you don't know the games in the title the following are their homepages:
http://www.gp-bikes.comhttp://www.worldracingseries.nethttp://www.kartracing-pro.comGP Bikes is really very good so take a look at it if you like racing games.
The games use all the same engine and they encrypt all the UDP packets
with blowfish (bf_ecb) using the key "fe7epraruWRa7reV".
This engine is vulnerable to an 8 bytes stack overflow because the
buffer is 1400 bytes long but the UDP packet received from the network
is 1408 bytes.
The overflow happens immediately after the decryption of the content.
Proof-of-concept:
nc SERVER PORT -u < piboso_1.dat
Note that Kart Racing Pro is compiled with the exception handler so there
is no code execution, only a crash.
